Google Online Security Blog

The latest news and insights from Google on security and safety on the Internet.

[0x1] Iranian phishing on the rise as elections approach

[0x2] Increased rewards for Google’s Web Vulnerability Reward Program

[0x3] Disclosure timeline for vulnerabilities under active attack

[0x4] Changes to our SSL Certificates

[0x5] The results are in: Hardcode, the secure coding contest for App Engine

[0x6] New warnings about potentially malicious binaries

[0x7] Google Public DNS Now Supports DNSSEC Validation

[0x8] Videos and articles for hacked site recovery

[0x9] An update on our war against account hijackers

[0xA] Calling student coders: Hardcode, the secure coding contest for App Engine

EduGeek.net

EduGeek.net - The I.T. professionals' life line

[0x1] [Ubuntu] Transparent Proxy and vlans

[0x2] How to enable adding bookmarks in Google Chrome Enterprise through GPO?

[0x3] RealSmart

[0x4] Registry Batch File Remove/Exclude

[0x5] Bill Nye The Science Guy For iPhone And iPad

[0x6] [ASP.net] WebMatrix Parametrized Query Problem...

[0x7] Office365 - It looks like your account is blocked (ARGHHH)

[0x8] Croydon: IT Technician £17,480 - £21,376

[0x9] Third party mdm vs Apple Server (Profile manager)

[0xA] 2nd hand value of laptop trolley

DVLabs: Blogs

Recent Blog Posts

[0x1] Pwn2Own 2013

[0x2] 2012: Year in Review

[0x3] EUSecWest Mobile Pwn2Own 2012 Recap

[0x4] Mobile Pwn2Own 2012

[0x5] ZDI Update – June 2012

[0x6] Thank you Aaron

[0x7] Announcing the IDA Toolbag

[0x8] MindshaRE: Another Approach To Tracking ReadFile

[0x9] Pwn2Own Challenges: Heapsprays are for the 99%

[0xA] Pwn2Own 2012 and Google Pwnium

Antionline Forums - Maximum Security for a Connected World

AntiOnline Forums - Computer security community for internet safety and trusted networks

[0x1] Public DNS server

[0x2] Google hijacking IPs?

[0x3] password generator with library?

[0x4] Auto-delete texts? i

[0x5] Hi Everyone!

[0x6] Hi All

[0x7] Application Hosting | Accounting, CRM and Tax application Hosting Benefits

[0x8] HOw to choose CRM software for business ?

[0x9] Hello all, new to the forum.

[0xA] how to communicate for free US- Europe?

US-CERT Bulletins

Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.

[0x1] SB13-168: Vulnerability Summary for the Week of June 10, 2013

[0x2] SB13-161: Vulnerability Summary for the Week of June 3, 2013

[0x3] SB13-154: Vulnerability Summary for the Week of May 27, 2013

[0x4] SB13-147: Vulnerability Summary for the Week of May 20, 2013

[0x5] SB13-140: Vulnerability Summary for the Week of May 13, 2013

[0x6] SB13-133: Vulnerability Summary for the Week of May 6, 2013

[0x7] SB13-126: Vulnerability Summary for the Week of April 29, 2013

[0x8] SB13-119: Vulnerability Summary for the Week of April 22, 2013

[0x9] SB13-112: Vulnerability Summary for the Week of April 15, 2013

[0xA] SB13-105: Vulnerability Summary for the Week of April 8, 2013

Latest Linux Kernel Versions

Latest Linux Kernel Versions

[0x1] 3.10-rc6: mainline

[0x2] 3.9.6: stable

[0x3] 3.8.13: stable

[0x4] 3.7.10: stable

[0x5] 3.4.49: longterm

[0x6] 3.2.47: longterm

[0x7] 3.0.82: longterm

[0x8] 2.6.34.14: longterm

[0x9] 2.6.32.61: longterm

[0xA] next-20130619: linux-next

National Vulnerability Database

This feed contains the most recent fully analyzed CVE cyber vulnerabilities published within the National Vulnerability Database.

[0x1] CVE-2013-4616 (iphone_os)

[0x2] CVE-2013-1203 (asa_cx_context-aware_security_software)

[0x3] CVE-2013-4612 (redcap)

[0x4] CVE-2013-4611 (redcap)

[0x5] CVE-2013-4610 (redcap)

[0x6] CVE-2013-4609 (redcap)

[0x7] CVE-2013-4608 (redcap)

[0x8] CVE-2013-2981 (data_studio)

[0x9] CVE-2013-2980 (data_studio)

[0xA] CVE-2013-1097 (zenworks_configuration_management)

Jeremiah Grossman

A page to show up #1 on Google when searching for "Jeremiah" (Currently #4).
Only the prophet and TV show left!
I have the edge, TV show is cancelled and the prophet isn't generating any new content.

The prophet, TV show, and that pesky Owyang guy going down!
A page to show up #1 on Google when searching for "Jeremiah Grossman", and it FINALLY has!

[0x1] Aaron's suicide: System Contributed, Society Perpetuated

[0x2] Written Speech: TEDxMaui -- Hack Yourself First

[0x3] TEDxMaui -- Hack Yourself First

[0x4] Terrified

[0x5] How I got my start -- in Brazilian Jiu-Jitsu

[0x6] Web security content moving to new WhiteHat Security corp blog

[0x7] Sentinel SecurityCheck

[0x8] 11th WhiteHat Website Security Statistic Report: Windows of Exposure

[0x9] Robert “RSnake” Hansen, age 34, has passed away, on Facebook

[0xA] Top Ten Web Hacking Techniques of 2011

PCI Security Standards Council Press Releases

PCI Security Standards Council latest Press Releases

[0x1] PCI Security Standards Council Announces Keynote Speakers for Annual Community Meetings

[0x2] PCI Security Standards Council Updates Standard for PIN Transaction Security

[0x3] PCI Security Standards Council Announces Opening of Special Interest Group Proposal Period

[0x4] PCI Security Standards Council Announces New Board Of Advisors

[0x5] PCI Security Standards Council Published Card Production Security Requirements

[0x6] PCI Council Announces New Affiliate Members

[0x7] PCI Council Announces Inaugural Asia-Pacific Community Meeting

[0x8] PCI Council Opens Registration for 2013 Global Community Meetings

[0x9] PCI Security Standards Council Appoints Rob Tourt as 2013 Chairperson

[0xA] PCI Security Standards Council Releases Guidance for Merchants on Mobile Payment Acceptance Security

Network Security Blog

Join me as I spend 30 minutes each week talking about the computer security issues facing us today. I discuss privacy, hacking, malware and the Payment Card Industry (PCI) Data Security Standards.

[0x1] Rage against the Machine III

[0x2] Rage against the Machine II

[0x3] Rage against the machine!

[0x4] I’d forgotten why I write

[0x5] Network Security Podcast, Episode 314

[0x6] Network Security Podcast, Episode 313

[0x7] Network Security Podcast, Episode 312

[0x8] Network Security Podcast, Episode 311

[0x9] Network Security Podcast, Episode 310

[0xA] Network Security Podcast, Episode 309

SecuraBit

Before It Bytes!

[0x1] SecuraTip Episode 5: SpiderFoot

[0x2] SecuraBit Episode 118: The Conference Classic

[0x3] SecuraTip Episode 4: tekCollect

[0x4] SecuraTip Episode 3: Noriben

[0x5] SecuraTip Episode 2: Automater

[0x6] Gathering and Cracking MD5 Hashes

[0x7] BsidesROC(ked)!

[0x8] Wireshark Export HTTP objects

[0x9] SecuraTip Episode 1: NetworkMiner

[0xA] SecuraBit Episode 117: The Internet is on Fire!

Splunk Blogs

[0x1] Getting data from your REST APIs into Splunk

[0x2] Are you going to Cisco Live 2013, Orlando?

[0x3] Windows, Perfmon and Internationalization

[0x4] Get to .conf2013 – Your Data, No Limits

[0x5] Importing SharePoint ULS Logs

[0x6] Splunk Powers Up With jQuery!

[0x7] Thoughts from Microsoft TechEd North America

[0x8] SplunkIt v2.0.2 Results & EC2 Storage Comparisons

[0x9] Splunk on Splunk 3.0 Now Live!

[0xA] Running as a Windows Service

Twitter / oscon

Twitter updates from O'Reilly OSCON / oscon.

[0x1] oscon: Easily Invoke Common Protocols with Twisted - Spin up Python-friendly services with 0 lines of code http://t.co/29oTkk0isW

[0x2] oscon: RT @andreabledsoe: So proud our #womenintech resource center is live, w/ great articles +enter to win a #OSCON scholarship...

[0x3] oscon: @edd @bkerensa Sure, anyone can attend evening BoFs

[0x4] oscon: RT @mmmpork: If you're going to #oscon and you're into #perl check out my talk on contributing http://t.co/HEJaPF5JbY

[0x5] oscon: Tutorials at #OSCON are filing up (some already sold out). Register soon to get your top choices http://t.co/bQv7k8VXTf

[0x6] oscon: RT @build_cloud: Play poker w/ Apache #CloudStack's community members above Portland's city lights at #OSCON! Register now...

[0x7] oscon: RT @mark_grover: Attending #oscon at end of July in Portland? Come hear my talk on Apache Bigtop http://t.co/kkSdOyyY5a

[0x8] oscon: Last chance - today is the last day for #OSCON early registration pricing. Register by midnight PT to save http://t.co/E0JKpcj1Rp

[0x9] oscon: Alumnus of #OSCON can save an extra 20% on their 2013 registration. Use code ALUMNI when you register http://t.co/E0JKpcj1Rp #opensource

[0xA] oscon: Only 48 hours left to get discounted tickets to #OSCON. Early registration prices end tomorrow at midnight http://t.co/E0JKpcj1Rp

Michael Howard's Web Log

A Simple Software Security Guy at Microsoft!

[0x1] Security Sessions at TechEd in Australia and New Zealand

[0x2] ATL, MS09-035 and the SDL

[0x3] Integrating the SDL process into Visual Studio

[0x4] A Conversation About Threat Modeling

[0x5] Ken Johnson (Skywing) joins Microsoft

[0x6] Free Download: Writing Secure Code for Windows Vista

[0x7] Secure software development practices 'not rocket science'

[0x8] A Proactive Approach to Building a Successful Security Development Lifecycle Program

[0x9] Improvements in Office Security

[0xA] Volume 5 of the Microsoft Security Intelligence Report is out

TechRadar: All latest news feeds

TechRadar UK latest feeds

[0x1] Samsung distances itself from Facebook Phone links

[0x2] Lenovo unveils ThinkPad S531 Ultrabook

[0x3] Updated: Surface 2 release date, news and rumors

[0x4] Alleged iPhone 5S images suggest Apple isn't shaking up the design

[0x5] Gartner says cloud to account for third of office systems

[0x6] iOS 7 reveals hidden gesture controls, appears on iPad again

[0x7] Tutorial: Organize music and movies: the complete guide to managing your media

[0x8] Microsoft drops linked accounts on Outlook.com

[0x9] Microsoft Surface 2 could ditch Nvidia for Qualcomm's 4G prowess

[0xA] HTC Butterfly S emerges from cocoon with Ultrapixel camera

Network World on Intrustion Detection and Prevention

The latest intrusion detection and prevention news and analysis from NetworkWorld.com.

[0x1] New backdoor malware 'KeyBoy' used in targeted attacks in Asia, researchers say

[0x2] Bill aims to discourage nations from sponsoring cyberattacks

[0x3] Cyberespionage campaign 'NetTraveler' siphoned data from hundreds of high-profile targets, researchers say

[0x4] Defending against exploit kits

[0x5] Drupal resets account passwords after detecting unauthorized access

[0x6] Hackers exploit Ruby on Rails vulnerability to compromise servers, create botnet

[0x7] US weapons system designs were reportedly viewed by Chinese hackers

[0x8] Researchers find unusual malware targeting Tibetan users in cyberespionage operation

[0x9] U.S. power companies under frequent cyberattack

[0xA] Researchers find critical vulnerabilities in popular game engines

Security Bytes

A SearchSecurity.com blog

[0x1] North Korean attacks on the rise?

[0x2] Trend Micro shoots down Crisis Trojan threat to VMware

[0x3] FFIEC cloud computing risks document: Where’s the beef?

[0x4] Federal cloud computing strategy faces challenges, GAO finds

[0x5] Yahoo fixes flaw that led to password breach

[0x6] AWS outage doesn’t discourage Netflix from banking on the cloud

[0x7] DNSChanger malware problems unlikely

[0x8] Putting the mobile botnet threat in perspective

[0x9] Operation High Roller: Server-side automation in online bank fraud

[0xA] Review your security contingency plan during the 2012 Olympic Games

CSOONLINE.com - Loss Prevention

[0x1] Wake up! Boston bombings a call for renewed citizen vigilance

[0x2] Executive protection: 4 essentials for secure travel

[0x3] Social Engineering: The Basics

[0x4] Securing one million shoppers for the holidays

[0x5] Video content analysis: still looking for its place

[0x6] Vulnerabilities in payment terminals demonstrated at Black Hat

[0x7] Money transfers, creative scammers, and fraud

[0x8] CSO's Ultimate Guide to Intellectual Property Protection

[0x9] Will your next car steal itself?

[0xA] There's no 911 for cybercrime. If there were, would you call?

ha.ckers.org web application security lab

Web Application Security Blog

[0x1] And Beyond…

[0x2] FAQ

[0x3] What’s Left?

[0x4] Mod_Security and Slowloris

[0x5] Minimalistic UI Decisions in Browsers

[0x6] Cheating Part 2

[0x7] Cheating Part 1

[0x8] FireSheep

[0x9] Detecting Malice With ModSecurity

[0xA] Performance Primitives

Wilders Security Forums

This is a Computer Security discussion forum.

[0x1] Spybot S&D detection updates 2013-06-19

[0x2] VIPRE defs update June 19, 2013

[0x3] SUPERAntiSpyware defs update 06/19/2013

[0x4] avast! defs update 19.6.2013

[0x5] Can't get config loaded

[0x6] Confused

[0x7] Texas becomes first US state to ban warrantless email snooping

[0x8] AVG defs update June 19, 2013

[0x9] ESET defs update June 19, 2013

[0xA] Adblock Plus for Internet Explorer released

2600: The Hacker Quarterly

Off The Hook and Off The Wall

[0x1] Off The Wall show for June 18, 2013

[0x2] Off The Hook show for June 12, 2013

[0x3] NEW CLUB-MATE SHIPMENT IS IN - MORE SHIPPING OPTIONS

[0x4] TESLA BILLS ARE BACK!

[0x5] SPRING ISSUE OF 2600 RELEASED

[0x6] VOLUME 25 OF 2600 NOW ONLINE - DRM FREE - IN KINDLE, NOOK, AND PDF FORMATS

[0x7] WINTER ISSUE OF 2600 RELEASED

[0x8] VOLUME TWO OF 2600 NOW ONLINE - DRM FREE - IN KINDLE, NOOK, AND PDF FORMATS

[0x9] AN OPEN LETTER TO OUR LISTENERS FROM THE STAFF OF "OFF THE HOOK"

[0xA] THE FIFTH HOPE VIDEO ARCHIVE NOW ONLINE

MacRumors: Mac News and Rumors - Front Page

the mac news you care about

[0x1] New Video May Show iOS 7 Running on an iPad

[0x2] Apple Giving Retail Employees Beta Access to OS X Mavericks

[0x3] Leaked Image Suggests 'Voice Memo' Will Return in Future iOS 7 Beta Release

[0x4] Apple TV iOS 7 Beta Adds iTunes Radio and Conference Room Display Mode

[0x5] Case for Lower-Cost iPhone with Thicker Profile and Curved Edges Surfaces

[0x6] Hidden iOS 7 Settings Reveal Potential Gesture and Folder Enhancements

[0x7] Adobe Releases New Creative Cloud Apps

[0x8] iPhone 5S Display Assembly Surfaces, Appears to Fit Leaked Logic Board

[0x9] Video Shows Differences Between Mavericks and Mountain Lion Multiple Monitor Support

[0xA] Paperback Version of 'Steve Jobs' Biography Coming September 10 with Younger Jobs on Cover

Wi-Fi Access and Security Blog - AirTight Networks

controllerless, cloud managed, secure Wi-Fi

[0x1] How to implement BYOD with Wi-Fi / WIPS assist

[0x2] Fast Forward: The New Personalized In-Store Shopping Experience

[0x3] 802.11ac (Wave-1): Network Engineering Insights

[0x4] Don’t deploy 802.11ac without thorough RF planning

[0x5] Customer Success Stories: Pinkberry, Garden Fresh and Noodles & Company

[0x6] Wi-Fi networks in 5 GHz: a few observations

[0x7] Not Your Mom’s Shopping List

[0x8] Attention Retail Marketers: In-Store Shoppers are Changing. Are You?

[0x9] Free Wi-Fi is a Win-Win for Retail Marketers and Customers

[0xA] The WiSE Article Series on CWNP

CIO Security

Latest Security issues from CIO UK

[0x1] Demand for IT contractors may grow due to Vickers bank report

[0x2] Universal Credit IT plans too optimistic, MPs warn

[0x3] Criminals impersonate UK police to spread ransom Trojan

[0x4] John Lewis's IT director Paul Coby outlines IT strategy

[0x5] HP in DWP job offshoring U-turn

[0x6] Algorithmic stock trading rapidly replacing humans

[0x7] Algorithmic stock trading rapidly replacing humans, warns government paper

[0x8] Poundland spends on new LAN

[0x9] Many businesses lining up cloud computing but not yet migrating

[0xA] Many businesses lining up cloud computing but not yet migrating, report claims

Darknet - The Darkside

Ethical Hacking, Penetration Testing & Computer Security

[0x1] PRISM, Edward Snowden, Big Brother & More Stuff We Already Knew

[0x2] OWASP Bricks – Modular Deliberately Vulnerable Web Application

[0x3] 4 Former LulzSec Members Sentenced To Prison Time In The UK

[0x4] PentesterLab.com – Excercises To Learn Penetration Testing

[0x5] New eLearnSecurity Course – WAPT – Web Application Penetration Testing

[0x6] Large Scale Botnet Brute Force Password Cracking Against WordPress Sites

[0x7] HoneyDrive Desktop v0.2 Released – Honeypot LiveCD

[0x8] Andrew Auernheimer AKA Weev Gets 41 Months Jail Time For GET Requests

[0x9] SSLyze v0.6 Available For Download – SSL Server Configuration Scanning Tool

[0xA] Evernote Hacked – ALL Users Required To Reset Passwords

Well, I'm Back

Robert O'Callahan. Christian. Repatriate Kiwi. Mozilla hacker.

[0x1] Developer Parallelism

[0x2] Meeting Absenteeism

[0x3] Blink, PNaCl, And Standards

[0x4] Taiwan Travelogue

[0x5] Travel

[0x6] The Direct Route

[0x7] Web Audio Progress

[0x8] Rotorua

[0x9] Hunuas Tramp

[0xA] Upcoming Travel Plans

Lenny Zeltser on Information Security

This blog by Lenny Zeltser focuses on information security. Lenny is a seasoned business leader with extensive hands-on experience in IT and information security.

[0x1] Digital Forensics and InfoSec Career Advice From Across the Web

[0x2] What Anomalies Trigger The LinkedIn Sign-In Verification Challenge?

[0x3] Attributing Cyberattack Activities to a Group in India

[0x4] Several Posts on Malware Analysis Tools

[0x5] Anticipating Cyber Threats Beyond APT

[0x6] Speeding up the Clock for Malware Analysis...

[0x7] Free Recorded Malware Forensics Webcasts

[0x8] New Release of REMnux Linux Distro for Malware Analysis

[0x9] Two-Step Verification for Apple ID Consistent With Authentication Trends

[0xA] Indicators of Compromise Entering the Mainstream Enterprise?

Tech Digest

Gadgets, mobile phones, news and reviews

[0x1] John McAfee meltdown continues with bizarre YouTube Antivirus video

[0x2] Samsung not interested in making "Facebook-friendly" phones

[0x3] PlayStation 3 update 4.45 bricking some consoles

[0x4] HTC Butterfly S headed to Taiwan with 5-inch Full HD screen

[0x5] Huawei unveils the Ascend P6 - the world's slimmest smart phone?

[0x6] Huawei unveils the Ascend PS - the world's slimmest smart phone?

[0x7] JBL's new J-Series complete with mic/remote for mobile

[0x8] BubblePod 360 degree smart phone camera to be funded by Kickstarter

[0x9] Bubblepod 360 degree smart phone camera to be funded by Kickstarter

[0xA] Gone in 60 seconds. How we are now sharing images online within a minute

CSOONLINE.com - Pandemic Preparedness

[0x1] Business Continuity and Disaster Recovery Planning: The Basics

[0x2] BC/DR spending not a top budget priority

[0x3] CSO's ultimate guide to business continuity and disaster recovery

[0x4] Lack of Telework Preparedness Puts Business Continuity in Danger?

[0x5] Gartner Joins GAO in Raising Flu Network Congestion Fears

[0x6] Most Businesses READY for Flu Pandemic?

[0x7] Swine Flu Near You? IPhone App Will Let You Know

[0x8] A Swine Flu (H1N1) Business Continuity Planning Guide

[0x9] Swine Flu: Watching the Southern Hemisphere for Signs of H1N1 Havoc

[0xA] WHO Declares Swine flu a Pandemic. Now What?

Cisco Security Advisories

Cisco Security Advisories (the 40 most recent advisories)

[0x1] Attention: New Cisco Security Advisory RSS Feed Locations

[0x2] Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras

[0x3] Cisco Unified Contact Center Express Directory Traversal Vulnerability

[0x4] Cisco Unified Communications Manager Directory Traversal Vulnerability

[0x5] Buffer Overflow Vulnerabilities in the Cisco WebEx Player

[0x6] Cisco Security Agent Remote Code Execution Vulnerabilities

[0x7] Cisco Show and Share Security Vulnerabilities

[0x8] CiscoWorks Common Services Arbitrary Command Execution Vulnerability

[0x9] Cisco TelePresence Video Communication Server Cross-Site Scripting Vulnerability

[0xA] Cisco IOS Software Smart Install Remote Code Execution Vulnerability

CSOONLINE.com - Critical Infrastructure

[0x1] Wall Street sets example for testing security defenses

[0x2] Businesses slow-walk classified data-sharing efforts with feds

[0x3] Info-sharing between the feds and private sector needs work, says NSS

[0x4] Nation's power grid under constant cyberattack, but Congress lax

[0x5] IT security vendors seen as clueless on industrial control systems

[0x6] Army Corps database on dams compromised

[0x7] Vulnerable terminal servers reflect bigger security problem

[0x8] Air Force reclassification of cyber tools as weapons sparks speculation

[0x9] Control system hack at manufacturer raises red flag

[0xA] The SCADA Security Survival Guide

GFI Labs blog

A blog about activities, products and ideas at GFI (formerly Sunbelt Software), one of the leading developers of security software to protect against spyware, spam and other threats.

[0x1] Thinspo Tumblr Page leads to Fake News Diet Supplement Site

[0x2] Scammers Invite Facebook Users to Test the New PS4, XBox 720

[0x3] PlanetSide 2: Unauthorised Third-Party Access Shenanigans

[0x4] Valentine’s Day Threats: That Front Called “Love”

[0x5] SIR: Regions with High Piracy Rate Also Have High Malware Infection Rate

[0x6] Email Threats Highlights: US Airways and American Airlines Spam

[0x7] Ransomware Spam Pages on Github, Sourceforge, Others

[0x8] SID 2013: Their Message is Our Mission

[0x9] Oracle Releases Early Patch to Address Java Flaw

[0xA] Tumblr Spamrun gets Personal on Facebook

Security University 2011 Class Schedule

2011 Security University Classes

[0x1] CISSP® Prep/The Official SU CISSP® Prep Class

[0x2] Q/EH® Qualified/ Ethical Hacker Class - Enroll Now!

[0x3] Q/SA® Qualified/ Security Analyst Penetration Tester Certification w/ Q/PTL® License - Enroll Now!

[0x4] Q/FE® Qualified/ Forensic Expert - Enroll Now!

[0x5] Q/ND® Qualified/ Network Defender - Enroll Now!

[0x6] Q/NSP® Qualified/ Network Security Policy Admin and SOA Security Oriented Architect - Enroll Now!

[0x7] Q/AAP® Qualified Access, Authentication and PKI Professional - Enroll Now!

[0x8] CWNA™/CWSP™ Boot Camp - Enroll Now!

[0x9] Q/WAD® Qualified/ Wireless Analyst and Defender - Enroll Now!

[0xA] Q/SSE® Qualified/ Software Security Expert Cert. - Enroll Now!

www.derkeiler.com: Pen-Test

Pen-Test

[0x1] GreHack 2013 - 2nd Call For Papers - November 15, Grenoble, France

[0x2] c0c0n 2013 CFP - Extended Deadline: 9 June, 2013

[0x3] CONFidence - May, 28-29, Krakow, Poland - a conference adventure that never stops!

[0x4] [HITB-Announce] HITB Magazine Issue 010

[0x5] SpiderFoot 2.0 released

[0x6] WASC Announcement: Static Analysis Technologies Evaluation Criteria Published

[0x7] Ruxcon 2013 Call For Papers

[0x8] [TOOL] TOPERA v2 released

[0x9] [HITB-Announce] #HITB2013KUL Call for Papers

[0xA] Breakpoint 2013 Call For Papers

Network Security Blog

Join me as I spend 30 minutes each week talking about the computer security issues facing us today. I discuss privacy, hacking, malware and the Payment Card Industry (PCI) Data Security Standards.

[0x1] Rage against the Machine III

[0x2] Rage against the Machine II

[0x3] Rage against the machine!

[0x4] I’d forgotten why I write

[0x5] Network Security Podcast, Episode 314

[0x6] Network Security Podcast, Episode 313

[0x7] Network Security Podcast, Episode 312

[0x8] Network Security Podcast, Episode 311

[0x9] Network Security Podcast, Episode 310

[0xA] Network Security Podcast, Episode 309

Podcasts

Listen to the latest Podcasts from Veracode

[0x1] Detecting "Certified Pre-owned" Software and Devices

[0x2] Application Outsourcing Podcast

[0x3] PCI Primer - Introduction to PCI Compliance

[0x4] Veracode Talks Security with InfoWorld

[0x5] How Vulnerabilities Get Into All Software

[0x6] Software Security Testing: Strengthening Your Defense Strategy

[0x7] Software Security Testing: Demanding Software Security

[0x8] Software Security Testing: Future of Software Flaws

[0x9] Veracode Shines Spotlight on Application Backdoors Threat

[0xA] Security Media Group: Interview with Veracode Founders

Securityvulns news channel

securityvulns.ru vulnerabilities newsline

[0x1] DoS против Mozilla Firefox / Microsoft Internet Explorer

[0x2] DoS против pymongo

[0x3] Несанкционированный доступ к HP Integrated Lights-Out

[0x4] Уязвимости безопасности в HP Service Manager / HP ServiceCenter

[0x5] Переполнение буфера в Ubiquiti airCam

[0x6] Обход защиты в устройствах Ruckus

[0x7] Несанкционированный доступ к Ruckus ZoneDirector

[0x8] Уязвимости безопасности в X-серверах и библиотеках, дополнено с 27.05.2013

[0x9] Переполнение буфера в PHP

[0xA] Уязвимости безопасности в Subversion

Steve (GRC) Gibson's Blog

Steve's Public Brain Dumping Ground (watch where you step!)

[0x1] IronMan 3 was “Unbelievable”… but not in a good way.

[0x2] Reverse Engineering RSA’s “Statement”

[0x3] Why Firesheep’s Time Has Come

[0x4] Instant Hotspot Protection from “FireSheep”

[0x5] iPhone 4 External Antenna Problem

[0x6] HCP 0-Day Quick Fix

[0x7] FLASH Adobe Forward to v10.1

[0x8] Pads ARE Next

[0x9] The Obvious Genius of iPad

[0xA] Facebook and the Ford Pinto

Internet Security News - SecurityProNews

Breaking news and top stories from the world of Internet security.

[0x1] Facebook Becomes A Favorite Target Of Phishers

[0x2] Google Goes After Impersonator Scammers

[0x3] Senate Uncovers Online Credit Card Tricks

[0x4] McAfee: Cyberwarfare A Big Threat

[0x5] ICSA Labs Finds Flaws In New Security Products

[0x6] Nigeria Announces Early Results Of Anti-Scammer Initiative

[0x7] MessageLabs Names Most- (And Least-) Spammed States

[0x8] Enormous Malware Archive Creates Stir

[0x9] Avsim Hacker (Maybe) Brought Before Cops

[0xA] Email Password Hackers Present Real Threat

LinuxSecurity.com: EnGarde_Secure_Linux Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Securing a Linux Web Server

[0x3] EnGarde Secure Community Release Notes 3.0.10

[0x4] EnGarde Secure Community 3.0.8 Release Notes

[0x5] EnGarde Secure Community 3.0.7 Release Notes

[0x6] EnGarde Secure Community 3.0.6 Release Notes

[0x7] EnGarde Secure Community 3.0.5 Release Notes

[0x8] EnGarde Secure Community 3.0.4 Release Notes

[0x9] EnGarde Secure Community 3.0.3 Release Notes

[0xA] EnGarde Secure Community 3.0.2 Release Notes

The SMB Minute

The SMB Minute

[0x1] Great collection of different tools at grassrootssecurity

[0x2] Four Must-Have SMB Security Tools

[0x3] How to choose the right Firewall for Your SMB

[0x4] Fake Anti-Virus Progams

[0x5] Interview with Chirs Nickerson Part3

[0x6] Those Who Cannot Remember the Past are Condemned to Repeat it

[0x7] Your photos are NOT posted online

[0x8] More Phishing attempts

[0x9] Interview with Chris Nickerson Part 2, NOW with BETTER audio

[0xA] Interview with Chris Nickerson (part 1)

Microsoft Sec Notification

Beware that MS often uses these security bulletins as marketing propaganda to downplay serious vulnerabilities in their products—note how most have a prominent and often-misleading "mitigating factors" section.

[0x1] Microsoft Security Bulletin Minor Revisions

[0x2] Microsoft Security Bulletin Minor Revisions

[0x3] Microsoft Security Bulletin Summary for June 2013

[0x4] Microsoft Security Advisory Notification

[0x5] Microsoft Security Bulletin Minor Revisions

[0x6] Microsoft Security Bulletin Minor Revisions

[0x7] Microsoft Security Bulletin Minor Revisions

[0x8] Microsoft Security Bulletin Minor Revisions

[0x9] Microsoft Security Advisory Notification

[0xA] Microsoft Security Bulletin Minor Revisions

extraexploit

[0x1] extraexploit memories

[0x2] the last/final touch!

[0x3] DigiNotar facts - just some links

[0x4] Operation Shady RAT - HTran

[0x5] an old bug for a new job ? CVE-2004-0194

[0x6] TDSS - SRVs list

[0x7] DroidKungFu - just some piece of code

[0x8] FlashUtil10m_Plugin.exe command line crash

[0x9] cve-2011-0609 - bugix blog analysis

[0xA] mmspicture.ru - mobile malware depot

Light Blue Touchpaper

Security Research, Computer Laboratory, University of Cambridge

[0x1] Internet Censorship and Control

[0x2] Workshop on the Economics of Information Security 2013

[0x3] Security and Human Behaviour 2013

[0x4] A further observation on quantum computing

[0x5] Revisiting secure introduction via hyperlinks

[0x6] A search engine for code

[0x7] Traceability in the Queen’s Speech

[0x8] How Privacy is Lost

[0x9] Liveblog – MedConfidential.org launch

[0xA] Is the US Government losing it again?

War on Error

One day they'll laugh at what we think is secure. Thankfully, we won't be there to hear them...

[0x1] Are ESTA visa scams really dead? Not yet

[0x2] Are ESTA visa scams really dead? Not yet

[0x3] Ethernet is 40 - from Alohanet to Terabit and beyond

[0x4] FinFisher: legitimate spy program or dubious commercial malware?

[0x5] FinFisher: there is no such thing as legitimate spyware

[0x6] Scotland's Internet startups still firing on one cylinder

[0x7] Did a 300Gb/s DDoS really slow the Net? Only if you believe in Smurfs

[0x8] Did 300Gb/s DDoS really slow the Net? Only if you believe in Smurfs

[0x9] Will China's techies go near Canonical's 'Kylin' Linux?

[0xA] Linux in China, Ubuntu style

Irongeek's Security Site

Irongeek.com, Adrian Crenshaw's Information Security site (along with a bit about weightlifting and other things that strike my fancy). Home of my articles and videos on computer security. As I write articles and tutorials I will be posting them here. If you would like to republish one of the articles from this site on your webpage or print journal please e-mail me. Enjoy the site and write us if you have any good ideas for articles or links.

[0x1] All BSides Rhode Island Videos

[0x2] BSides Rhode Island Videos

[0x3] ASAReaper: Grab Configs From Multiple Cisco Devices Over SSH (Demos PExpect and AES Encrypted INI Files in Python) Updated

[0x4] Indiana University (IU, IUS, IU*, Etc) Salaries

[0x5] Kali Linux Live Boot USB Flash Drive - Jeremy Druin

[0x6] Webshell Demos And Notes

[0x7] Webshell Collection Page Updated With Source Code

[0x8] About page and CV updated

[0x9] ISSA Kentuckiana Web Pen-Testing Workshop

[0xA] AIDE 2013:The rest of the videos

I Am Security

[0x1] Red Team Training Comes to Vegas!

[0x2] Do as I say, not as I do. RSA, Bit9, Adobe, and others…

[0x3] Phishing/Threatening done wrong

[0x4] Ambulance chasing or DNA research?

[0x5] Apple, meet GPG, GPG, meet Apple.

[0x6] Vegas 2012 by the Numbers

[0x7] Security Awareness and Security Context – Aitel and Krypt3ia are both wrong?

[0x8] This one time, at Defcon… (a blast from the past)

[0x9] SexyDefense comes to Vegas!

[0xA] So you thought you were protected: How hackers can break into your business

MSDN Blogs

via RSS Feed & Other Development Resources

[0x1] Task Manager in Windows 8 (video)

[0x2] Task Manager in Windows 8 (video)

[0x3] Now Available – Microsoft Dynamics NAV 2013 on Windows Azure!

[0x4] Have you tried Internet Explorer 10?

[0x5] Who’s going to be the June SSRS Guru?

[0x6] Single Sign On (SSO) on Windows 8

[0x7] ? ?????? ????????: ???????????? ??????

[0x8] ? ?????? ????????: ???????????? ??????

[0x9] Recurso em destaque: blocos dinâmicos

[0xA] ?????????:??? ???

Microsoft Security Blog

The official Microsoft blog for discussing industry and Microsoft security topics.

[0x1] Now Available: Enhanced Mitigation Experience Toolkit (EMET) Version 4.0

[0x2] Targeted Attacks Video Series

[0x3] Security Intelligence Report v14 on the Road: Malaysia, India and Singapore

[0x4] Students - This is the last week to Enter the Cybersecurity 2020 Essay Contest

[0x5] Now available - "Windows Server 2012 Security from End to Edge and Beyond"

[0x6] Security Intelligence Report v14 on the Road: Hong Kong S.A.R.

[0x7] European Union check-up: Locations with Lowest Infection Rates in the EU and What We Can Learn From Them

[0x8] European Union Check-Up: Malicious Websites Hosted in the EU

[0x9] Microsoft Releases New Mitigation Guidance for Active Directory

[0xA] European Union check-up: Romania still tops the list of most infected in the EU

Hackers For Charity

Hackers For Charity

[0x1] Handwoven HFC BRACELETS

[0x2] Riots shut down school – HFC to the rescue!

[0x3] “Steampunk” hand made leather lockpick cases

[0x4] Another org back in action!

[0x5] The Apple Store farted on my desk!

[0x6] June 10: Big custom leather order!

[0x7] Ugandan Martyr’s Day

[0x8] May 25-26: Guests at Jinja House

[0x9] May 24: Miracle on the Interwebz

[0xA] May 23: A Miracle in Kentucky

Network Security Podcast

[0x1] Network Security Podcast, Episode 316

[0x2] Network Security Podcast, Episode 315

[0x3] Network Security Podcast, Episode 314

[0x4] Network Security Podcast, Episode 313

[0x5] Network Security Podcast, Episode 312

[0x6] Network Security Podcast, Episode 311

[0x7] Network Security Podcast, Episode 310

[0x8] Network Security Podcast, Episode 309

[0x9] Network Security Podcast, Episode 308

[0xA] Network Security Podcast, Episode 307

Securelist / Glossary

[0x1] Toolkit

[0x2] Kaspersky Security Network (KSN)

[0x3] ITW (In-the-Wild) samples

[0x4] Crimeware

[0x5] Keylogger

[0x6] World Wide Web

[0x7] WildList

[0x8] WiFi

[0x9] Whitelist

[0xA] Web browser

Securelist / Blog

[0x1] AutoRun. Reloaded

[0x2] The most sophisticated Android Trojan

[0x3] "NetTraveler is Running!" - Red Star APT Attacks Compromise High-Profile Victims

[0x4] Security policies: portable applications

[0x5] What are children doing online?

[0x6] Jumcar. Peruvian navy? Who could be behind it? [Third part]

[0x7] Caution! Fraud!

[0x8] Jumcar. Timeline, crypto, and specific functions. [Second part]

[0x9] Jumcar. From Peru with a focus on Latin America [First part]

[0xA] NoSuchCon 2013

CSOONLINE.com - Security Leadership

[0x1] NSA surveillance controversy: Much ado about nothing new?

[0x2] 5 ways to create a collaborative risk management program

[0x3] Do your employees choose data protection or productivity?

[0x4] Why you need a security buddy (and how to find one)

[0x5] Using security skills for charitable cause

[0x6] Women leaders in security recognized

[0x7] The 7 elements of a successful security awareness program

[0x8] Boston bombings was not about failed intelligence

[0x9] Social engineering in penetration tests: 6 tips for ethical (and legal) use

[0xA] Why security is in denial about awareness

Dell SecureWorks Info Feed

Dell SecureWorks news, press releases, events, and research alerts.

[0x1] Carrier IQ: Requires Additional Review

[0x2] Transitive trust and SSL certificate verification

[0x3] PCI Guidance on Virtualization and Cloud

[0x4] DELL SECUREWORKS PARTNERS WITH QUALYS TO DELIVER SAAS-BASED VULNERABILITY MANAGEMENT SERVICES

[0x5] Recent events cause re-assessment of SecurID integrity

[0x6] "Imperva SecureSphere XSS and the nature of security-product vulnerabilities"

[0x7] News: Happy birthday Dell: The beginning of an evolution/revolution (TG Daily)

[0x8] "Sony PlayStation Network Breach"

[0x9] April 2011 Patch Tuesday sets a new record

[0xA] The Cloud Security Silver Lining

Advisory Files ≈ Packet Storm

Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers

[0x1] Debian Security Advisory 2628-2

[0x2] Debian Security Advisory 2698-1

[0x3] Ubuntu Security Notice USN-1886-1

[0x4] Puppet Remote Code Execution

[0x5] FreeBSD Security Advisory - mmap Privilege Escalation

[0x6] Apache Santuario XML Security For C++ Signature Bypass

[0x7] Technical Cyber Security Alert 2013-168A

[0x8] Ubuntu Security Notice USN-1884-1

[0x9] Ubuntu Security Notice USN-1885-1

[0xA] Debian Security Advisory 2710-1

Computer Security News

News on Computer Security continually updated from thousands of sources around the net.

[0x1] Stocks move higher as traders wait on the Fed

[0x2] Sentencing postponed in Pitt online threats case

[0x3] Stuntwoman sues News Corp. over alleged phone hack

[0x4] Hacking probe in Ohio rape case targets Ky. man

[0x5] Obama: NSA secret data gathering 'transparent'

[0x6] Nob Hill, Raley's silent on cyber attack

[0x7] Ex-Purdue Students Charged With Massive 'Grade Hacking' Scheme

[0x8] StopTheHacker Makes Website Vulnerability Patching Affordable for SMBs With New Service

[0x9] Surveillance cameras can be hacked: expert

[0xA] States scramble to attract suddenly hot cybersecurity firms

CSOONLINE.com - PCI and Compliance

[0x1] Health care breach victims plummet

[0x2] Security and vulnerability assessment: 4 common mistakes

[0x3] Little sympathy for merchants in disputes over PCI violations

[0x4] Taking copyright fight to ISPs too punitive, say critics

[0x5] Payment Card Industry clears up confusion over cloud use

[0x6] Nationwide/Allied security breach highlights litigation fears

[0x7] Heist once again highlights e-banking vulnerabilities

[0x8] Courts widening view of data breach damages, lawyers say

[0x9] The race toward compliance is 'not optimal'

[0xA] GRC: Trying to take the bite out of risk

Latest Secunia Blog Entries

Secunia collects, evaluates, verifies, and analyses vulnerability information.

[0x1] Secunia Country Reports show security status of private PCs in Germany, Austria and Switzerland

[0x2] Publishing the Secunia Country Reports with the state of private PC security in the Benelux!

[0x3] Secunia PSI 3.0 in Dutch: Wij willen u helpen beveiligd te blijven!

[0x4] Secunia appoints Peter Colsted as new CEO

[0x5] Comment on disclosed vulnerability

[0x6] Secunia appoints new Chief Technical Officer

[0x7] Thank you to a CSO and a VP of Development who have added great value to Secunia

[0x8] Softpedia: Secunia Country Report for Q1 2013: 15% of US Users Had an Unpatched OS

[0x9] Introducing the Secunia Country Reports – the state of private PC security, country by country!

[0xA] New CEO for Secunia

CSOONLINE.com - Application Security

[0x1] Apple end-to-end encryption far from bulletproof

[0x2] Wall Street sets example for testing security defenses

[0x3] Why we can't stop malicious insiders

[0x4] Oracle to ship 40 security fixes for Java SE

[0x5] Microsoft patches critical IE vulnerabilities and actively exploited Office flaw

[0x6] New backdoor malware 'KeyBoy' used in targeted attacks in Asia, researchers say

[0x7] New Android Trojan app exploits previously unknown flaws, researchers say

[0x8] Hacker publishes alleged zero-day exploit for older Plesk versions

[0x9] Bill aims to discourage nations from sponsoring cyberattacks

[0xA] Bitcoin payments could be a landmine for companies

The InfoSec Blog

System Integrity: Context Is Everything

[0x1] Confusion over Physical Assets, Information Assets – Part Two

[0x2] Confusion over Physical Assets, Information Assets in ISO-27000

[0x3] Does ISO 27001 compliance need a data leakage prevention policy?

[0x4] What is the goal behind calculating assets in ISO-27000?

[0x5] “Paid to be paranoid”

[0x6] The #1 Reason Leadership Development Fails

[0x7] Another Java bug: Disable the java setting in your browser

[0x8] How much Risk Assessment is needed?

[0x9] An “11th Domain” book.

[0xA] Learning to Counter Threats – Skills or Ethics?

Security Labs

[0x1] Majority of Users Still Vulnerable to Java Exploits

[0x2] iOS7 announcement prompts themed ransomware kits

[0x3] Twitter Adopt 2FA; Here Is What You Can Do

[0x4] Internet Explorer Zero-day Vulnerability (CVE-2013-1347) [Updated]

[0x5] WebShells WebShells on the Web Server

[0x6] Cyber Criminals Exploiting the Boston Marathon Aftermath [UPDATED]

[0x7] DNS Poisoning Hits Kenya Google, MSN, Skype...

[0x8] Margaret Thatcher's Death Used in Cyber Attacks

[0x9] How are Java attacks getting through?

[0xA] Websense Security Labs at CeBIT 2013

Dr Anton Chuvakin Blog PERSONAL Blog

LogChat: Andrew Hay and Anton Chuvakin talk about logging, log management and related topics

[0x1] Monthly Blog Round-Up – May 2013

[0x2] Monthly Blog Round-Up – April 2013

[0x3] Monthly Blog Round-Up – March 2013

[0x4] Monthly Blog Round-Up – February 2013

[0x5] Monthly Blog Round-Up – January 2013

[0x6] Annual Blog Round-Up – 2012

[0x7] Monthly Blog Round-Up – December 2012

[0x8] Links for 2013-01-10 [del.icio.us]

[0x9] Links for 2013-01-07 [del.icio.us]

[0xA] Links for 2013-01-06 [del.icio.us]

MySecured.com

Covering Mobile Phone Forensics, Information Security and Computer Security

[0x1] Push for cigarette-like warnings on mobiles in the USA

[0x2] Blackbox JTAG Reverse Engineering @ 26th Chaos Communication Congress

[0x3] Happy Holidays from MySecured.com

[0x4] Sexting and Mobile Phone Forensics

[0x5] NIST Releases a New Report within Mobile Forensic Reference Materials: A Methodology and Reification. NISTIR 7617.

[0x6] New NIST SIM Data Population Tool For Mobile Phone Forensics Uses

[0x7] Augmented Reality Projection Tracking System from Japan

[0x8] Android 2.0 Perview Video (On G1 from SDK)

[0x9] Wearable, Projector and Mobile Phone based Sixth Sense

[0xA] Real-Time Interactive Augmented Reality Billboard

Microsoft Security Bulletins

[0x1] MS13-048 - Important : Vulnerability in Windows Kernel Could Allow Information Disclosure (2839229) - Version: 1.2

[0x2] MS13-051 - Important : Vulnerability in Microsoft Office Could Allow Remote Code Execution (2839571) - Version: 1.0

[0x3] MS13-050 - Important : Vulnerability in Windows Print Spooler Components Could Allow Elevation of Privilege (2839894) - Version: 1.0

[0x4] MS13-049 - Important : Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (2845690) - Version: 1.0

[0x5] MS13-047 - Critical : Cumulative Security Update for Internet Explorer (2838727) - Version: 1.0

[0x6] MS13-040 - Important : Vulnerabilities in .NET Framework Could Allow Spoofing (2836440) - Version: 1.1

[0x7] MS13-038 - Critical : Security Update for Internet Explorer (2847204) - Version: 1.1

[0x8] MS12-069 - Important : Vulnerability in Kerberos Could Allow Denial of Service (2743555) - Version: 1.1

[0x9] MS13-044 - Important : Vulnerability in Microsoft Visio Could Allow Information Disclosure (2834692) - Version: 1.1

[0xA] MS13-037 - Critical : Cumulative Security Update for Internet Explorer (2829530) - Version: 1.1

Jeremiah Grossman

A page to show up #1 on Google when searching for "Jeremiah" (Currently #4).
Only the prophet and TV show left!
I have the edge, TV show is cancelled and the prophet isn't generating any new content.

The prophet, TV show, and that pesky Owyang guy going down!
A page to show up #1 on Google when searching for "Jeremiah Grossman", and it FINALLY has!

[0x1] Aaron's suicide: System Contributed, Society Perpetuated

[0x2] Written Speech: TEDxMaui -- Hack Yourself First

[0x3] TEDxMaui -- Hack Yourself First

[0x4] Terrified

[0x5] How I got my start -- in Brazilian Jiu-Jitsu

[0x6] Web security content moving to new WhiteHat Security corp blog

[0x7] Sentinel SecurityCheck

[0x8] 11th WhiteHat Website Security Statistic Report: Windows of Exposure

[0x9] Robert “RSnake” Hansen, age 34, has passed away, on Facebook

[0xA] Top Ten Web Hacking Techniques of 2011

Liquidmatrix Security Digest

Bringing Fire To The Village: Your Source For Computer, Network & Information Security News

[0x1] Liquidmatrix Security Digest Podcast – Episode 2C

[0x2] Liquidmatrix Security Digest Podcast – Episode 2B

[0x3] No security without maturity

[0x4] Liquidmatrix Security Digest Podcast – Episode 2A

[0x5] LinkedIn Links Up With Two Factor Auth

[0x6] Turkey Dialup Access

[0x7] YourAnonNews Twitter Account Compromised

[0x8] Evernote Rolls Out Two Factor Auth

[0x9] Amazon Rolls Out “Login” 2FA

[0xA] Rob Ford’s former staffers’ emails, telephone records ordered destroyed: sources

Security Tools News & Tips

Just another WordPress weblog

[0x1] Microsoft Security Essentials

[0x2] NSMXpress

[0x3] Korea to train 3,000 ‘cyber sheriffs’

[0x4] FortiClient standard edition

[0x5] 10 Solid Tips to Safeguard Your Facebook Privacy

[0x6] K9 Web Protection

[0x7] Check Point Power-1 Appliances

[0x8] Wordpress blogs hacked – Upgrade your Wordpress NOW!

[0x9] Cisco ASA 5500 Series Firewall

[0xA] (IN)SECURE Magazine Issue 22 is out

It's a shampoo world anyway

...la lausige Leben, revisited

[0x1] The grand Hillbilly Bank Robbery

[0x2] NoScript now includes LocalRodeo-like functionality

[0x3] OWASP Germany Conference

[0x4] LocalRodeo (beta) for Firefox 3

[0x5] Travel ahead

[0x6] DeepSec 2007 Roundup

[0x7] Why I do not like taint tracking

[0x8] DNS rebinding at CCS'07

[0x9] CfP: NordSec 2007 - The 12th Nordic Workshop on Secure IT Systems

[0xA] 2nd Rule: You do blog about Bar Camp

Network World on Security

The latest security news, analysis, reviews and feature articles from NetworkWorld.com.

[0x1] Source code for Carberp financial malware is up for sale at a very low price, researchers say

[0x2] Google Glass privacy concerns raised by international data protection authorities

[0x3] Wall Street sets example for testing security defenses

[0x4] Yahoo discloses user data requests from US law enforcement agencies

[0x5] Why we can't stop malicious insiders

[0x6] UK spy agency reportedly intercepted email of delegates at G20 meetings in 2009

[0x7] Most Data Breaches Caused by Human Error, System Glitches

[0x8] US NSA can access data without court approval, leaker says

[0x9] Prism doesn't have CIOs in a panic -- yet

[0xA] European trust in US compromised, says EU data protection head

Murky

Tending to Geekiness

[0x1] Six Nations 2013 – Week 5

[0x2] Six Nations – Week 4

[0x3] Aviva Premiership 2012-13 – Irish vs Wasps

[0x4] Six Nations 2013 – End of Week 3

[0x5] Six Nations 2013 – Week 3

[0x6] The Hobbit

[0x7] iTunes and nested conditionals

[0x8] Le Tour 2012

[0x9] London Prepares: Track World Cup -London – Day 1

[0xA] The Artist

BBC News - Technology

The latest stories from the Technology section of the BBC News web site.

[0x1] PlayStation update freezing consoles

[0x2] Huawei unveils 'slimmest' smartphone

[0x3] Sharp brings giant 90in TV to Europe

[0x4] Huge 'holograms' created for doctors

[0x5] US surveillance 'foiled 50 plots'

[0x6] Yahoo reveals US data requests

[0x7] Minister hails 'web porn' progress

[0x8] China retakes supercomputer crown

[0x9] Google to tackle child abuse images

[0xA] Scrabble app changes anger players

Identity Theft Blog

Welcome to the most progressive identity theft blog which includes hundreds of original identity theft articles written by Henry Bagdasarian.

[0x1] Jun 13, Privacy or Security

[0x2] Jun 3, Trusting Others

[0x3] May 28, Choose Friends Carefully

[0x4] May 16, Customer Role

[0x5] May 14, Identity Theft Program Implementation

[0x6] May 8, Credit Report Freeze

[0x7] May 2, Spear Phishing

[0x8] May 2, CIRM and CIPA

[0x9] Apr 11, Computer Privacy

[0xA] Mar 27, Identity Theft News & Stories

LinuxSecurity.com: Red_Hat Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Securing a Linux Web Server

[0x3] Red Hat: 2013:0942-01: krb5: Moderate Advisory

[0x4] Red Hat: 2013:0944-01: python-keystoneclient: Moderate Advisory

[0x5] Red Hat: 2013:0941-01: flash-plugin: Critical Advisory

[0x6] Red Hat: 2013:0928-01: kernel: Important Advisory

[0x7] Red Hat: 2013:0911-01: kernel: Important Advisory

[0x8] Red Hat: 2013:0896-01: qemu-kvm: Moderate Advisory

[0x9] Red Hat: 2013:0898-01: mesa: Moderate Advisory

[0xA] Red Hat: 2013:0897-01: mesa: Important Advisory

CSOONLINE.com - Strategic Planning/ERM

[0x1] NSA surveillance controversy: Much ado about nothing new?

[0x2] 5 ways to create a collaborative risk management program

[0x3] Do your employees choose data protection or productivity?

[0x4] 10 tips to secure funding for a security program

[0x5] Three simple steps to determine risk tolerance

[0x6] Big Data Protects Intel's Info

[0x7] ERM: The basics

[0x8] How to determine your company's real risk appetite

[0x9] Integrating business continuity management with IT risk management

[0xA] 5 myths about awareness

Microsoft Security Content: Comprehensive Edition

Microsoft Security Content: Comprehensive Edition

[0x1] MS13-048 - Important : Vulnerability in Windows Kernel Could Allow Information Disclosure (2839229) - Version: 1.2

[0x2] Microsoft Security Advisory (2854544): Update to Improve Cryptography and Digital Certificate Handling in Windows - Version: 1.0

[0x3] MS13-051 - Important : Vulnerability in Microsoft Office Could Allow Remote Code Execution (2839571) - Version: 1.0

[0x4] MS13-050 - Important : Vulnerability in Windows Print Spooler Components Could Allow Elevation of Privilege (2839894) - Version: 1.0

[0x5] MS13-049 - Important : Vulnerability in Kernel-Mode Driver Could Allow Denial of Service (2845690) - Version: 1.0

[0x6] MS13-047 - Critical : Cumulative Security Update for Internet Explorer (2838727) - Version: 1.0

[0x7] Summary for June 2013 - Version: 1.0

[0x8] Microsoft Security Advisory (2755801): Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 - Version: 13.0

[0x9] MS13-040 - Important : Vulnerabilities in .NET Framework Could Allow Spoofing (2836440) - Version: 1.1

[0xA] MS13-038 - Critical : Security Update for Internet Explorer (2847204) - Version: 1.1

Securelist / Blog

[0x1] AutoRun. Reloaded

[0x2] The most sophisticated Android Trojan

[0x3] "NetTraveler is Running!" - Red Star APT Attacks Compromise High-Profile Victims

[0x4] Security policies: portable applications

[0x5] What are children doing online?

[0x6] Jumcar. Peruvian navy? Who could be behind it? [Third part]

[0x7] Caution! Fraud!

[0x8] Jumcar. Timeline, crypto, and specific functions. [Second part]

[0x9] Jumcar. From Peru with a focus on Latin America [First part]

[0xA] NoSuchCon 2013

Zend Developer Zone (DevZone) - Advancing the art of PHP

advancing the art of PHP. Best practices, samples, articles, news, and community for PHP 4, PHP 5, and beyond.

[0x1] Zend Framework 2.0.0beta1 Released!

[0x2] Zend Framework 1.11.11 Released

[0x3] Announcing September's Zend Framework Bug Hunt Days

[0x4] ZendCon Early Bird Registration ends soon!

[0x5] Announcing the August 2011 Zend Framework Bug-Hunt

[0x6] Zend Framework 1.11.10 Released

[0x7] ZendCon '11 Alumni Discount

[0x8] Announcing July's Zend Framework Bug Hunt Days

[0x9] Zend Framework 1.11.9 Released

[0xA] Zend Framework 1.11.8 Released

CERIAS Blog

[0x1] Opticks and a Treatise on the PRISM Surveillance Program (Guest Blog)

[0x2] Schrodinger’s Catnip: A Review of the NSA Phone Surveillance Program (Guest Blog)

[0x3] Opening Keynote: Todd Gebhart, Co-President McAfee Inc. (Summary)

[0x4] Keynote: Christopher Painter, Coordinator for Cyber Issues, U.S. Department of State (Summary)

[0x5] Tech Talk #3: Stephen Elliott (Summary)

[0x6] Featured Commentary: The Honorable Mark Weatherford, DHS Deputy Under Secretary for Cybersecurity

[0x7] Panel 3: Security Education and Training (Panel Summary)

[0x8] Panel 2: NSTIC, Trusted Identities and the Internet (Panel Summary)

[0x9] Panel 1: Security Analytics, Analysis, and Measurement (Panel Summary)

[0xA] On Competitions and Competence

CSOONLINE.com - Malware/Cybercrime

[0x1] Source code for Carberp financial malware is for sale at a very low price, researchers say

[0x2] Why we can't stop malicious insiders

[0x3] UK spy agency reportedly intercepted email of delegates at G20 meetings in 2009

[0x4] 7 essentials for defending against DDoS attacks

[0x5] FDA tells medical device makers to focus on cybersecurity

[0x6] Microsoft criticized for botnet takedown tactics

[0x7] US charges eight with multimillion-dollar cybercrime

[0x8] SMS spam cruises for suckers

[0x9] Chinese seller of pirated software sentenced to 12 years in US prison

[0xA] New backdoor malware 'KeyBoy' used in targeted attacks in Asia, researchers say

Leadership 101

Enhancing Global Leadership from the Inside-Out.

[0x1] Leadership Transferability...

[0x2] Growing Your Seeds... Part III

[0x3] Growing Your Seeds... Part II

[0x4] Growing Your Seeds...

[0x5] Your People... Part III

[0x6] Your People... Part II

[0x7] Your People...

[0x8] Building That Institution... Part III

[0x9] Building That Institution... Part II

[0xA] Building That Institution...

Computerworld - Security RSS feed

[0x1] Sony pulls PS3 update after complaints it bricks consoles

[0x2] Apple pours OS X Snow Leopard another Java fix

[0x3] With faster 5G Wi-Fi coming, Wi-Fi Alliance kicks off certification program

[0x4] Google asks to make surveillance orders public, citing First Amendment

[0x5] Expanded '2-person rule' could help plug NSA leaks

[0x6] Canonical taps international cell carriers for mobile advice

[0x7] US officials: Surveillance programs helped stop 50 terrorist plots

[0x8] Source code for Carberp financial malware is up for sale at a very low price, researchers say

[0x9] Good Technology creates A/NZ vice president role

[0xA] Google Glass privacy concerns raised by international data protection authorities

CNET News.com

Tech news and business reports by CNET News. Focused oninformation technology, core topics include computers, hardware, software,networking, and Internet media..

[0x1] BlackBerry Z10 incurs 'critical' security warning

[0x2] North Korea calls U.S 'kingpin of human rights abuses' following NSA leaks

[0x3] Obama: NSA spying doesn't mean 'abandoning freedom'

[0x4] School iris-scanned students without telling parents

[0x5] Miss Alabama's beautiful confusion about NSA surveillance

[0x6] NSA leaked documents reveal U.S. spied on Russian president

[0x7] Purdue students charged with switching prof's keyboard to improve grades

[0x8] Verizon, T-Mobile foreign stakes make data collection harder

[0x9] Malware masquerading as Bad Piggies found on Google Play

[0xA] Symantec axing as many as 1,700 jobs, says report

The Web Application Security Consortium

The Web Application Security Consortium (WASC) is an international group of experts, industry practitioners, and organizational representatives who produce open source and widely agreed upon best-practice security standards for the World Wide Web.

[0x1] shezaf edited WAFEC 2

[0x2] Sherif Koussa edited Static Analysis Technologies Evaluation Criteria

[0x3] Sherif Koussa edited Static Analysis Technologies Evaluation Criteria

[0x4] Sherif Koussa edited Static Code Analysis List

[0x5] Sherif Koussa edited Static Code Analysis List

[0x6] Sherif Koussa uploaded SATEC_Manual-02.pdf

[0x7] Sherif Koussa edited Static Analysis Technologies Evaluation Criteria

[0x8] Ory Segal edited Static Analysis Technologies Evaluation Criteria

[0x9] Robert Auger edited SideBar

[0xA] Robert Auger edited SideBar

Security

Hacking everything, by Chris Evans / scarybeasts

[0x1] Exploiting 64-bit Linux like a boss

[0x2] The joys and hazards of multi-process browser security

[0x3] Chrome 20 on Linux and Flash sandboxing

[0x4] vsftpd-3.0.0 and seccomp filter sandboxing is here!

[0x5] vsftpd-3.0.0-pre2

[0x6] vsftpd-3.0.0-pre1 and seccomp filter

[0x7] On the failings of Pwn2Own 2012

[0x8] Some random observations on Linux ASLR

[0x9] Chrome Linux 64-bit and Pepper Flash

[0xA] The dirty secret of browser security #1

SANS Internet Storm Center, InfoCON: green

[0x1] ISC StormCast for Wednesday, June 19th 2013 http://isc.sans.edu/podcastdetail.html?id=3377, (Wed, Jun 19th)

[0x2] WinLink Check-In, (Wed, Jun 19th)

[0x3] Volatility rules...any questions?, (Tue, Jun 18th)

[0x4] Java 7 update 25 released http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html, (Tue, Jun 18th)

[0x5] EMET 4.0 is now available for download, (Tue, Jun 18th)

[0x6] ISC StormCast for Tuesday, June 18th 2013 http://isc.sans.edu/podcastdetail.html?id=3374, (Tue, Jun 18th)

[0x7] Oracle Java pre-announcement: Upcoming JRE patch will plug 37 remotely exploitable holes. See http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html, (Mon, Jun 17th)

[0x8] ISC StormCast for Monday, June 17th 2013 http://isc.sans.edu/podcastdetail.html?id=3371, (Mon, Jun 17th)

[0x9] SANSFIRE 2013, (Mon, Jun 17th)

[0xA] A scan is a scan is a scan, (Sun, Jun 16th)

Latest Security Advisories

[0x1] Microsoft Security Advisory (2854544): Update to Improve Cryptography and Digital Certificate Handling in Windows - Version: 1.0

[0x2] Microsoft Security Advisory (2755801): Update for Vulnerabilities in Adobe Flash Player in Internet Explorer 10 - Version: 13.0

[0x3] Microsoft Security Advisory (2846338): Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution - Version: 1.0

[0x4] Microsoft Security Advisory (2820197): Update Rollup for ActiveX Kill Bits - Version: 1.0

[0x5] Microsoft Security Advisory (2847140): Vulnerability in Internet Explorer Could Allow Remote Code Execution - Version: 2.0

[0x6] Microsoft Security Advisory (2819682): Security Updates for Microsoft Windows Store Applications - Version: 1.0

[0x7] Microsoft Security Advisory (2798897): Fraudulent Digital Certificates Could Allow Spoofing - Version: 1.1

[0x8] Microsoft Security Advisory (2794220): Vulnerability in Internet Explorer Could Allow Remote Code Execution - Version: 2.0

[0x9] Microsoft Security Advisory (973811): Extended Protection for Authentication - Version: 1.14

[0xA] Microsoft Security Advisory (2749655): Compatibility Issues Affecting Signed Microsoft Binaries - Version: 2.0

Foro de elhacker.net - Noticias

Información en vivo desde Foro de elhacker.net

[0x1] Fallo de seguridad en Blackberry OS 10

[0x2] El famoso hacker Pod2g se cambia a Android tras quedar decepcionado por el ....

[0x3] Evita que PRISM y la NSA te espíen con Bauer-Puntu Linux 13.04

[0x4] Hackers logran romper las contraseñas Wi-Fi de iOS en 50 segundos

[0x5] Los hackers de Anonymous amenazan con atacar Corea del Norte el 25 de junio

[0x6] Fallo: Adobe Photoshop CC requiere Windows 7 con SP2 o Windows 8 con SP1

[0x7] El fundador de The Pirate Bay podría ser extraditado a Dinamarca por varios ...

[0x8] Estafa en Facebook: 'Esta mujer se vuelve loca y pierde el control del hacha'

[0x9] El proyector multimedia LED que te cabe en la palma de la mano

[0xA] Electrónica epidérmica, una realidad

IBM Internet Security Systems Frequency X Blog

Frequency X, the blog site for IBM Internet Security Systems' world-renowned security research and development team, X-Force, provides an opportunity for the researchers to converse directly with the world about threats and vulnerability research.

[0x1] Redirecting

[0x2] April 2013 Super Tuesday

[0x3] IBM X-Force 2012 Annual Trend & Risk report has released!

[0x4] March 2013 Super Tuesday Update

[0x5] February 2013 Super Tuesday Update

[0x6] January 2013 Super Tuesday Update

[0x7] December 2012 Microsoft Super Tuesday

[0x8] November 2012 Microsoft Super Tuesday

[0x9] October 2012 Microsoft Super Tuesday

[0xA] Key highlights in the IBM X-Force 2012 Trend & Risk Report

Business:Security Articles from EzineArticles.com

EzineArticles.com is Trusted By Millions as The Source For Quality Original Articles

[0x1] Digital Safes - Secure Your Official Documents and Other Valuables

[0x2] Digital Locks - All You Need to Know

[0x3] Why Do You Need a Security Camera for Your Business Premises?

[0x4] Document Shredding As a Way to Keep Personal Information Private

[0x5] Security Of Your Official Assets

[0x6] Working Together to Help Prevent Medical Identity Theft

[0x7] Redefine Corporate Security With Key Control

[0x8] Security Tips: 3 Ways to Prevent Your Business From Getting Robbed

[0x9] Designing a Surveillance Deterrent on a Budget

[0xA] 3 Ways To Keep Your Time Clock Software Secure

Virus and worm news from Network World

The latest virus and worm news and analysis from NetworkWorld.com.

[0x1] Android antivirus products a big flop, researchers say

[0x2] Seculert uses big data security analytics to precisely identify APTs and other malware

[0x3] McAfee sees surge in spam, Koobface samples, MBR attacks

[0x4] When malware strikes: How to clean an infected PC

[0x5] McAfee offers business endpoint security suites for broader protection

[0x6] Signature-based endpoint security on its way out

[0x7] iOS app contains potential malware

[0x8] Kaspersky Internet Security 2013 bug can lead to system freeze

[0x9] Facebook targeted by hackers, says no user data compromised

[0xA] DaVinci surveillance malware distributed via zero-day Flash Player exploit, researchers say

Help Net Security - News

Help Net Security - your homepage for all the information security news

[0x1] Employees biggest IT threat to businesses

[0x2] Facebook once again accessible via Tor

[0x3] (IN)SECURE Magazine issue 38 released

[0x4] Google asks secret court permission to publish FISA numbers

[0x5] Failed backups endanger revenue and productivity

[0x6] Oracle releases critical security updates for Java

[0x7] How to detect hidden administrator apps on Android

[0x8] CyanogenMod founder aims to thwart data-grabbing apps

[0x9] Bill aims to regulate email privacy in the cloud

[0xA] Businesses not fully implementing infosec programs

Latest Secunia Blog Entries

Secunia collects, evaluates, verifies, and analyses vulnerability information.

[0x1] Secunia Country Reports show security status of private PCs in Germany, Austria and Switzerland

[0x2] Publishing the Secunia Country Reports with the state of private PC security in the Benelux!

[0x3] Secunia PSI 3.0 in Dutch: Wij willen u helpen beveiligd te blijven!

[0x4] Secunia appoints Peter Colsted as new CEO

[0x5] Comment on disclosed vulnerability

[0x6] Secunia appoints new Chief Technical Officer

[0x7] Thank you to a CSO and a VP of Development who have added great value to Secunia

[0x8] Softpedia: Secunia Country Report for Q1 2013: 15% of US Users Had an Unpatched OS

[0x9] Introducing the Secunia Country Reports – the state of private PC security, country by country!

[0xA] New CEO for Secunia

Security Labs

[0x1] Majority of Users Still Vulnerable to Java Exploits

[0x2] iOS7 announcement prompts themed ransomware kits

[0x3] Twitter Adopt 2FA; Here Is What You Can Do

[0x4] Internet Explorer Zero-day Vulnerability (CVE-2013-1347) [Updated]

[0x5] WebShells WebShells on the Web Server

[0x6] Cyber Criminals Exploiting the Boston Marathon Aftermath [UPDATED]

[0x7] DNS Poisoning Hits Kenya Google, MSN, Skype...

[0x8] Margaret Thatcher's Death Used in Cyber Attacks

[0x9] How are Java attacks getting through?

[0xA] Websense Security Labs at CeBIT 2013

Virtual Shadows has MOVED!

[0x1] Virtual Shadows is MOVING!

[0x2] Hacking programmable road signs

[0x3] David Lacey likes my book!

[0x4] Censoring your blog

[0x5] Book launch on Monday Central London

[0x6] ouch ....

[0x7] Achieving miracles when times are tough

[0x8] The book arrived on Tuesday

[0x9] Your iPhone as a wind instrument!

[0xA] China's Net Nannies have been busy

Securityvulns exploits channel

Securityvulns exploits newsline

[0x1] huaweisnmpex.py

[0x2] dlinkcamab.py

[0x3] pfsboex.pl

[0x4] http://forums.comodo.com/10551086108810911089108910821080-russian/eth%20ethplusmnn%20ethfrac34ethacute-ethmiddotethdegn%20ethcediln%20n%20-cis-v-602607392674-t89574.0.html

[0x5] centrifyex.c

[0x6] ibmdirectorex.pl

[0x7] FreeFTPD_0day_src.zip

[0x8] FreeSSHD_0day.zip

[0x9] mysql_win_remote_stuxnet_technique.zip

[0xA] mysql_userenum.pl

Layer 7 Technologies

Layer 7 Technologies markets a family of XML appliances and software to secure, simplify and scale Web services.

[0x1] New Article - Layer 7 Expands into Dutch Market with ION-IP Partnership - ChannelWeb

[0x2] New Press Release - Working Opportunity Fund makes follow on investment in Layer 7 Technologies (February 2, 2009)

[0x3] New Award - 2009 Ready to Rocket List - Rocketbuilders

[0x4] Watch VP Marketing & Alliances, Dimitri Sirota, interviewed by Sys-Con.TV at JavaOne Conference in June, 2008.

[0x5] New Press Release - SOA Consortium Releases New Podcast from K. Scott Morrison, Layer 7 Technologies, on How to Fail at SOA (August 18, 2008)

[0x6] New Press Release - Layer 7 Joins SOA Consortium as Silver Sponsor (June 30, 2008)

[0x7] New Article - Layer 7 Nominated for SYS-CON's "SOA World Magazine Readers' Choice Awards": The SecureSpan XML Networking Gateway Nominated for "Best Security Solution" - SOA World

[0x8] New Press Release - Layer 7 Technologies Enhances Field Collaboration for SOA Through HP ISV Marketplace Referral Program (June 18, 2008)

[0x9] New Article - Layer 7 to Provide Security and Operational Governance for Sun Java CAPS - eBizQ

[0xA] New Press Release - Layer 7 Technologies to Provide Security and Operational Governance for Sun Java CAPS (June 9, 2008)

Crypto-Gram Security Podcast

Security: Bruce Schneier's monthly Crypto-Gram Newsletter (read by Dan Henage)

[0x1] Crypto-Gram 15 May 2013

[0x2] Crypto-Gram 15 Apr 2013

[0x3] Crypto-Gram 15 Mar 2013

[0x4] Crypto-Gram 15 Feb 2013

[0x5] Crypto-Gram 15 Jan 2013

[0x6] Crypto-Gram 15 Dec 2012

[0x7] Crypto-Gram 15 Nov 2012

[0x8] Crypto-Gram 15 Oct 2012

[0x9] Crypto-Gram 15 Sep 2012

[0xA] Crypto-Gram 15 Aug 2012

Security - Infoworld

[0x1] NSA can access data without court approval, leaker says

[0x2] It's over: All private data is public

[0x3] Shoot-out results: Best security tools for small business

[0x4] 7 essentials for defending against DDoS attacks

[0x5] Oracle to ship 40 security fixes for Java SE

[0x6] Why password-only authentication is passé

[0x7] Spy-proof enterprise encryption is possible, but daunting

[0x8] Your online privacy was doomed long before the NSA came along

[0x9] Top 10 IT security myths putting businesses at risk

[0xA] Facebook, Twitter support Google's call for transparency in surveillance requests

Development & Integration White Papers

C Languages, EAI, Java, Visual Basic, and Web Design White Papers

[0x1] Insiders' Guide to Evaluating Remote Control Software

[0x2] Improving Application Development with Digital Libraries

[0x3] Introduction to The Most Popular Commercial Open Source Backup Software - Amanda Enterprise

[0x4] How Can I Back Up MySQL Database Without Killing Application Performance? NetApp and Zmanda Have the Answer.

[0x5] Achieving the Impossible- Unlimited Application Scalability

[0x6] Data Centre Transitions: UNIX to Linux

[0x7] Data Grids and Service  Oriented Architecture

[0x8] An Innovative Approach to Managing Software Requirements

[0x9] Using Virtualization to Maximize Your IT Environment

[0xA] Why Every Data Center Needs Automation

Aladdin Knowledge Systems Latest HASP Press Releases

Aladdin Knowledge Systems Latest HASP Press Releases - RSS Feed

[0x1] China's Largest CAD/CAM Software Developer Selects Aladdin HASP SRM

[0x2] HASP SRM v 3.60 Provides Automatic File Wrapping for Windows x64 Applications

[0x3] Leading Network Engineering Firm in China Selects Aladdin HASP SRM to Stop Software Piracy

[0x4] Aladdin Announces Enhanced HASP SRM Anti-Piracy Tool for Mac Software Developers

[0x5] Aladdin HASP SRM Adds Automatic File Wrapping to Secure Intellectual Property in Java-Based Applications

[0x6] Aladdin HASP SRM Adds Linux Support

[0x7] Iris Biometrics Leader Secures Software with Aladdin HASP SRM

[0x8] Aladdin HASP SRM Wins Codie Award for Best Digital Rights Management Solution

[0x9] Aladdin Announces First Runtime Installer Certified for Windows Vista

[0xA] Aladdin HASP SRM Receives CompTIA SoftwareCEO Innovation Award

CSOONLINE.com - Access Control

[0x1] Wall Street sets example for testing security defenses

[0x2] NSA revelations could push terrorists to other channels

[0x3] Bitcoin payments could be a landmine for companies

[0x4] Windows 8.1 bolsters biometrics for authentication

[0x5] Google biometrics tests show there's no magic pill for passwords

[0x6] Motorola shows off electronic tattoo and authentication pill at D11

[0x7] Amazon Web Services integrates with Google, Facebook for easier logins

[0x8] Spear phishing paves road for Advanced Persistent Threats

[0x9] Twitter's two-factor authentication implementation can be abused, researchers say

[0xA] Prevent a hack attack with Twitter's new two-factor authentication

Splunk Blogs

[0x1] Getting data from your REST APIs into Splunk

[0x2] Are you going to Cisco Live 2013, Orlando?

[0x3] Windows, Perfmon and Internationalization

[0x4] Get to .conf2013 – Your Data, No Limits

[0x5] Importing SharePoint ULS Logs

[0x6] Splunk Powers Up With jQuery!

[0x7] Thoughts from Microsoft TechEd North America

[0x8] SplunkIt v2.0.2 Results & EC2 Storage Comparisons

[0x9] Splunk on Splunk 3.0 Now Live!

[0xA] Running as a Windows Service

ITtoolbox Downloads

[0x1] Using WebSphere DataStage with IBM DataMirror Change Data Capture

[0x2] Extend and Reuse Existing Mainframe Functions Through SOA - Part 4 of the Roadmap To Reduce Webcast Series

[0x3] Consolidate Applications From Non-Strategic Platforms Onto z/OS - Part 3 of the Roadmap To Reduce Webcast Series

[0x4] Tech Talk:: Strategic Solutions To Help Solve Top Issues In The Data Center Today

[0x5] How Safe Is Your Network? - Analyst #1 Choice for Vulnerability Management - Free Trial

[0x6] Always be Open for Business

[0x7] Make Compliance Work for You

[0x8] Reduce Operational Costs By Up To 95% - Part 1 of the Roadmap To Reduce Webcast Series

[0x9] Increase productivity by up to 40% - Part 2 of the Roadmap To Reduce Webcast Series

[0xA] Database Trends and Applications Survey Results: The Freshest BI Data from the Journal of Enterprise Data Management

Articles by Paul Thurrott

[0x1] Microsoft Takes Surface RT to School

[0x2] Microsoft's Vision for the Replaceable PC

[0x3] Judge in Microsoft’s US Antitrust Trial Passes Away

[0x4] Short Takes: June 14, 2013

[0x5] Xbox One Launch Missteps Could Cost Microsoft

[0x6] Microsoft Previews Multi-Factor Authentication for Azure

[0x7] Tech Giants Call For FISA Transparency

[0x8] Microsoft vs. Sony in Dueling E3 Presentations

[0x9] The Future of Mobile Device Management

[0xA] Lenovo Opens PC Manufacturing Facility in the United States

Just another WordPress site

[0x1] eForensics Magazine Vol 02 Issue 03 Released

[0x2] HackInSight Magazine Issue 05 Released

[0x3] SecureTech 2013 16th International Security Exhibition and Conference

[0x4] Hack in Paris Security Conference

[0x5] SANS Ouch April 2013 Monthly Report Released

[0x6] HackInSight Magazine Digest Issue Released

[0x7] Brazilian Court of Justice of State of Amapa Hacked

[0x8] Carolina Dieckmann Brazilian Cyber Crimes Law is a Go

[0x9] Cyberwar The Next Threat to National Security by Richard A. Clarke

[0xA] Pentest Magazine New March 2013 Issue

ARN - Security RSS feed

[0x1] Top tier SMB IT spend less than bottom tier: Symantec

[0x2] M.Tech brings Vormetric to A/NZ

[0x3] Java 7 Update 25 fixes 40 security issues, turns on certificate revocation checking

[0x4] Expanded '2-person rule' could help plug NSA leaks

[0x5] US officials: Surveillance programs helped stop 50 terrorist plots

[0x6] Source code for Carberp financial malware is up for sale at a very low price, researchers say

[0x7] And the State of the IT Channel iPad winners are ...

[0x8] Symantec Australia in legal proceedings with former channels director, Jeff Arndt

[0x9] $93m lost to scammers in 2012

[0xA] Sophos launches MSP-centric partner program

Information Security Thoughts - Allen Baranov

A blog dedicated to thoughts about Information Security.

[0x1] Slideshow: A Practical Example to Using SABSA Extended Security in Depth Strategy

[0x2] A more positive and comprehensive SABSA Strength-in-depth Strategy

[0x3] If you know nothing else about Information Security... know this!

[0x4] What if - trams actually turned into rhinos?

[0x5] IT vs Business (The War We Don't Even Know We Are Fighting!)

[0x6] HD Moore's Law? How can you tell if you are compliant?

[0x7] Seven Habits of Highly Effective Security Plans [Part 6]

[0x8] Seven Habits of Highly Effective Security Plans [Part 5]

[0x9] Why the Privacy Bill is important to you!

[0xA] The Meaning of Life Part 1 - The Firewall

Will Hack For SUSHI

Hacking and Defending Wireless

[0x1] The Mobile Malware Connection

[0x2] Invasion of the Mobile Phone Snatchers

[0x3] Things I Wish Amazon.com Didn’t Tell Me

[0x4] The Changing Wireless Attack Landscape

[0x5] Pen Test Perfect Storm 6: We Love Cisco!

[0x6] ISACA Review: Hacking Exposed Wireless 2nd Edition

[0x7] Packet Capture Payload Assessment

[0x8] GIAC GAWN Ethical Hacking Wireless Testing Aid

[0x9] Reflections on “hole196″

[0xA] Evading IPS/IDS with TCP Checksum Forgery

SearchSecurity: Security Wire Daily News

The latest information security news on IT threats, vulnerabilities and market trends from the award-winning SearchSecurity.com.

[0x1] Users may remain vulnerable despite Oracle Java patch release

[0x2] Enterprise BYOD offers mixed bag for enterprise endpoint security

[0x3] CEO: Symantec strategy to emphasize endpoint security, partnerships

[0x4] Office, 32-bit Windows fixes included in Patch Tuesday update

[0x5] Mullen: Cybersecurity threats demand leadership from Capitol Hill

[0x6] Harsher penalties for HIPAA violations altering compliance efforts

[0x7] Ponemon data breach study finds costs up, notification major driver

[0x8] Are FedRAMP security controls enough?

[0x9] HIPAA Omnibus Rule, PPACA challenge enterprise compliance management

[0xA] Report finds security tools add software vulnerabilities of their own

What's New

What's New at FIRST website

[0x1] Least developed countries are vital for global security

[0x2] FIRST is now accepting candidates to the FIRST Steering Committee

[0x3] FIRST Fellowship Programme

[0x4] The 2013 Conference program

[0x5] Webinar "Developing Indicators with Computer Security Incident Response Teams (CSIRTs)"

[0x6] Amsterdam TC

[0x7] Lisbon TC

[0x8] Bangkok 2013

[0x9] Global Information Security Conference to be held in Malta

[0xA] Holistic risk management: perspectives from IT professionals

ZDNet | Zero Day Blog RSS

Latest blogs in Zero Day

[0x1] Oracle releases latest round of Java security patches

[0x2] BlackBerry issues 'critical' security warning for Z10 phones

[0x3] Congressman denies report claiming NSA can listen to calls without warrants

[0x4] Ad exec: Online ad industry complicit in NSA PRISM datamining

[0x5] EU 'assessing U.S. relationship' amid PRISM spying claims

[0x6] Microsoft misses Google-found flaw in Patch Tuesday updates

[0x7] Eight members of international cybercrime ring charged

[0x8] Pentagon bids for $23 billion to combat cyberthreats

[0x9] Obama defends NSA surveillance: 'Nobody is listening to your phonecalls'

[0xA] Guardian reveals identity of NSA whistleblower

LinuxSecurity.com: Fedora Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Securing a Linux Web Server

[0x3] Fedora 10 ruby-1.8.6.368-2.fc10

[0x4] Fedora 12 moodle-1.9.7-1.fc12

[0x5] Fedora 12 ntp-4.2.4p8-1.fc12

[0x6] Fedora 10 moodle-1.9.7-1.fc10

[0x7] Fedora 12 kernel-2.6.31.6-166.fc12

[0x8] Fedora 10 httpd-2.2.14-1.fc10

[0x9] Fedora 12 nss-util-3.12.5-1.fc12.1

[0xA] Fedora 10 rubygem-actionpack-2.1.1-5.fc10

HSC Security Portal

Hackers Center Security Portal is one of the most complete, updated and visited Securty portals on the net. We offer Security Blogs, Exploits, Texts, Tools

[0x1] Scrubyt 0.4

[0x2] Sahi V3

[0x3] UrlParams 2.2.0

[0x4] TemperIE

[0x5] Nikto 2

[0x6] hcraft 1.0.0

[0x7] MSNPawn 1.1

[0x8] httprint

[0x9] DIRB

[0xA] WebInject 1.4

The Falcon's View

Mental meanderings of an infosec obsessive...

[0x1] Upgrade+Migration Update

[0x2] FYI: Pending Site Upgrade+Migration

[0x3] Email Platform Migration

[0x4] AppSec DC 2010 Video Posted

[0x5] Survivability Rather Than Security Metrics

[0x6] RSA 2011: In Summary

[0x7] RSA 2011: Meet Federated Networks

[0x8] RSA 2011: Imation Expands Offerings

[0x9] RSA 2011: (dis)Innovation Sandbox

[0xA] Forget SmartGrid, Micro-Generation Is the Future

Daily Dave

This technical discussion list covers vulnerability research, exploit development, and security events/gossip. It was started by ImmunitySec founder Dave Aitel and many security luminaries participate. Many posts simply advertise Immunity products, but you can't really fault Dave for being self-promotional on a list named DailyDave.

[0x1] Re: Defeating what's next

[0x2] Re: Defeating what's next

[0x3] Chris Eagle's INFILTRATE Keynote

[0x4] Re: Defeating what's next

[0x5] Re: Defeating what's next

[0x6] Re: Defeating what's next

[0x7] Re: Defeating what's next

[0x8] Re: Defeating what's next

[0x9] Re: Defeating what's next

[0xA] Re: Defeating what's next

eWeek - Security - RSS Feed

eWeek - Security - RSS Feed

[0x1] U.S. Email, Phone Surveillance Details Come to Light in House Testimony

[0x2] Popular WordPress Plug-ins Vulnerable to Attack: Checkmarx Research

[0x3] StopTheHacker Eases Website Security Costs for SMBs

[0x4] Okta Looks to Drive Growth With Partner Programs

[0x5] DataMotion, DigiCert Collaborate to Simplify Health Care Data Exchange

[0x6] Tech Companies Don't Tell Whole Truth About Data They Send to Feds

[0x7] Microsoft: Government Requested Info on Up to 32K Accounts

[0x8] OWASP Lists Top 10 Most Critical Web Application Risks

[0x9] Apple Says It Received Up to 10,000 Customer Data Requests

[0xA] Graphical Tools Help Security Experts Track Cyber-Attacks in Real time

Room362.com RSS Feed

Blog

[0x1] Volume Shadow Copy NTDS.DIT Domain Hashes Remotely - Part 2

[0x2] Volume Shadow Copy NTDS.dit Domain Hashes Remotely - Part1

[0x3] Using Mimikatz Alpha or Getting Clear Text Passwords with a Microsoft Tool

[0x4] Query all windows services config from the command line

[0x5] Sessiondump Meterpreter Extension

[0x6] Metasploit Mastery @BlackHatEvents USA 2013

[0x7] Length Sorting Wordlists

[0x8] Mounting NFS shares through Meterpreter with NfSpy

[0x9] Suggestions on what to do when a service you use gets compromised

[0xA] Blocking Java Exploits, Malicious Signed Applets, and 0days

Slashdot

News for nerds, stuff that matters

[0x1] NSA's Role In Terror Cases Concealed From Defense Lawyers

[0x2] Lobster, a New Game Programming Language, Now Available As Open Source

[0x3] Google's Crazy Lack of Focus: Is It Really Serious About Enterprise?

[0x4] Cat-like Robot Runs Like the Wind

[0x5] Revisiting Amdahl's Law

[0x6] Altering Text In eBooks To Track Pirates

[0x7] NVIDIA To License Its GPU Tech

[0x8] MySQL Man Pages Silently Relicensed Away From GPL

[0x9] Verizon Accused of Intentionally Slowing Netflix Video Streaming

[0xA] Oculus Rift Raises Another $16 Million

Networking & Infrastructure White Papers

Hardware, Linux, Networking, Security, Storage, UNIX, Windows, and Wireless White Papers

[0x1] Insiders' Guide to Evaluating Remote Control Software

[0x2] The Learning Organization Goes Digital

[0x3] 10 Tips - IT Training Support

[0x4] How to Make Your IT Staff Smarter

[0x5] Improving Application Development with Digital Libraries

[0x6] Working Green with Digital Libraries - How it Can Help

[0x7] Minimizing Technology Project Delays with Digital Libraries

[0x8] How VMware Virtualization Right-sizes IT Infrastructure to Reduce Power Consumption

[0x9] Reduce Energy Costs and Go Green with VMware Virtualization

[0xA] VMware Customer Success: Consolidating Data Centers at First American

Boaz Gelbord

A practicing CISO's perspective on managing information security in large enterprises.

[0x1] Comodo, RSA, and Security Priorities

[0x2] Security Scoreboard - Join the Conversation

[0x3] iPad and the Illusion of Privacy

[0x4] Napera selling security at the Google Apps Marketplace

[0x5] Flash Security Under the Microscope

[0x6] Google Secure Search and Security Overkill

[0x7] Facebook and Security Minimalism

[0x8] Application Security Underfunded

[0x9] Security Scoreboard is Live!

[0xA] Mass Security Regulation Gets Tech Priorities Wrong

The Register - Security

Biting the hand that feeds IT

[0x1] Thousands of suspected crims, informants spilled all over web in IT gaffe

[0x2] EU Justice Department stalls India's security clearance

[0x3] Chinese hackers launch PRISM scare campaign

[0x4] Spear phish your boss to win more security cash

[0x5] Six nations ask Google for answers on Glass privacy

[0x6] Remote code execution vuln appears in Puppet

[0x7] Tor users locked out of Facebook after wave of dodgy traffic

[0x8] Apple's screw-up leaves tethered iPhones easily crackable

[0x9] Robbing a bank? Carberp toolkit now available for just $5k

[0xA] Yahoo! joins! rivals! in! PRISM! data! request! admission!

US-CERT Alerts

Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.

[0x1] TA13-168A: Microsoft Updates for Multiple Vulnerabilities

[0x2] TA13-141A: Washington, DC Radio Station Web Site Compromises

[0x3] TA13-134A: Microsoft Updates for Multiple Vulnerabilities

[0x4] TA13-107A: Oracle Has Released Multiple Updates for Java SE

[0x5] TA13-100A: Microsoft Updates for Multiple Vulnerabilities

[0x6] TA13-088A: DNS Amplification Attacks

[0x7] TA13-071A: Microsoft Updates for Multiple Vulnerabilities

[0x8] TA13-064A: Oracle Java Contains Multiple Vulnerabilities

[0x9] TA13-051A: Oracle Java Multiple Vulnerabilities

[0xA] TA13-043B: Microsoft Updates for Multiple Vulnerabilities

Wired Top Stories

Top Stories

[0x1] This Amazing Tool Helps You Draw Pictures Like an Old Master

[0x2] Conquer the Hills: 11 Mountain Biking Essentials

[0x3] Sony Won E3 (But That Doesn't Matter)

[0x4] Why Male Dark Fishing Spiders Spontaneously Die After Sex

[0x5] Your Door Is About to Get Clever: 5 Smart Locks Compared

[0x6] Riding Endurance Mountain Biking's Fine Line Between Insanity and Nirvana

[0x7] The Company Website Is Making a Comeback

[0x8] Movie Trailers Are Getting Insanely Fast. Trust Us, We Counted the Cuts

[0x9] Justice Department Fought to Conceal NSA's Role in Terror Case From Defense Lawyers

[0xA] Being Electric Doesn't Keep This Plane From Serious Aerobatics

Juniper

Juniper RSS Feed

[0x1] Gun Fight at the OK Corral

[0x2] Signature Update #2273

[0x3] Juniper Networks Wins Big at Interop Tokyo 2013

[0x4] JUNIPER NETWORKS WINS BIG AT INTEROP TOKYO 2013

[0x5] Security Suited for the Data Center

[0x6] Network Security Management -- it’s all about Operational Efficiency

[0x7] Signature Update #2272

[0x8] EX Switches receive DoD Certification

[0x9] Juniper Networks Simplifies Data Center Operations With Solutions for Automation

[0xA] Signature Update #2271

SANS Information Security Reading Room

Last 25 Computer Security Papers added to the Reading Room

[0x1] SANSFIRE 2011

[0x2] Web Application Injection Vulnerabilities: A Web App's Security Nemesis?

[0x3] Electronic Medical Records: Success Requires an Information Security Culture

[0x4] Analyzing Polycom® Video Conference Traffic

[0x5] Corporate vs. Product Security

[0x6] Securing BYOD With Network Access Control, a Case Study

[0x7] Event Monitoring and Incident Response

[0x8] Dead Linux Machines Do Tell Tales

[0x9] Setting Up a Database Security Logging and Monitoring Program

[0xA] Managing the Implementation of a BYOD Policy

Linux, Network and Security Research

[0x1] Wireshark updates close security holes

[0x2] Security threats Toolkit

[0x3] Unusual disk latency: The other day I met a friend and between...

[0x4] Untangle 7.1

[0x5] Lynis 1.2.9

[0x6] Wireshark 1.2.5

[0x7] Multiple Cisco WebEx WRF Player Vulnerabilities

[0x8] US drones hacked by Iraqi insurgents

[0x9] Video Interview with MacBook Bullet Girl

[0xA] Android Forensics

pentestmonkey

Taking the monkey work out of pentesting

[0x1] mimikatz: Tool To Recover Cleartext Passwords From Lsass

[0x2] windows-privesc-check

[0x3] Finding IP Addresses of Other Network Interfaces on Linux

[0x4] gateway-finder

[0x5] The Science of Safely Finding an Unused IP Address

[0x6] timing-attack-checker

[0x7] Exposing only part of C: over Terminal Services

[0x8] Post-Exploitation in Windows: From Local Admin To Domain Admin (efficiently)

[0x9] Reverse Shell Cheat Sheet

[0xA] “Hackers for Charity” Needs You

PortSwigger Web Security Blog

[0x1] We are hiring!

[0x2] Burp Suite is on a feature roll!

[0x3] New video tutorials

[0x4] Sample Burp Suite extension: Intruder payloads

[0x5] Sample Burp Suite extension: custom scanner checks

[0x6] Sample Burp Suite extension: custom scan insertion points

[0x7] Sample Burp Suite extension: custom editor tab

[0x8] Sample Burp Suite extension: custom logger

[0x9] Sample Burp Suite extension: traffic redirector

[0xA] Sample Burp Suite extension: event listeners

BetaNews

Technology News and Analysis

[0x1] HTC unveils the Butterfly S with Jelly Bean and UltraPixel camera

[0x2] Snowden and the NSA reflect a millennial climate change

[0x3] Speccy update adds a temperature monitor to the System Tray

[0x4] Blink for Windows Phone 8 adds GIF support

[0x5] Symantec updates Norton 2013 range

[0x6] NYC offers free electricity for power starved smartphones

[0x7] Canonical assembles a team of experts to help Ubuntu crack the mobile market

[0x8] Sony Xperia Z finally coming to T-Mobile 'this summer'

[0x9] Top SMBs use IT for SBE, OK?

[0xA] Data Converter can easily decode cryptic Registry values

Files ≈ Packet Storm

Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers

[0x1] Debian Security Advisory 2628-2

[0x2] MoinMoin twikidraw Action Traversal File Upload

[0x3] Debian Security Advisory 2698-1

[0x4] Ubuntu Security Notice USN-1886-1

[0x5] Solaris 10 Patch Cluster File Clobber

[0x6] Puppet Remote Code Execution

[0x7] FreeBSD Security Advisory - mmap Privilege Escalation

[0x8] Apache Santuario XML Security For C++ Signature Bypass

[0x9] Technical Cyber Security Alert 2013-168A

[0xA] Ubuntu Security Notice USN-1884-1

Latest MITRE News

The MITRE Corporation is a not–for–profit organization chartered to work in the public interest. As a national resource, we apply our expertise in systems engineering, information technology, operational concepts, and enterprise modernization to address our sponsors' critical needs.

[0x1] MITRE Names Barry Costa Director of Technology Transfer

[0x2] Elizabeth Rindskopf Parker Named to MITRE's Board of Trustees

[0x3] MITRE Appoints Peter Sherlock Senior Vice President and Director of Bedford Operations

[0x4] MITRE and Princeton Researchers Team up to Focus on National Challenges

[0x5] Computerworld Names MITRE a 2013 Honors Laureate

[0x6] MITRE, Aerospace Bring Forward Best Practices for Acquisition Success

[0x7] MITRE Celebrates 10 Years of OVAL

[0x8] MITRE Announces New Global Air Navigation Harmonization Course

[0x9] MITRE Employees Honored at Black Engineer of the Year Awards

[0xA] Michèle Flournoy Named to MITRE's Board of Trustees

Apple

[0x1] Apple amends Siri’s response to suicide with more direct approach

[0x2] The reviews are in: Everybody loves the new MacBook Air’s battery

[0x3] Paper iPad app gets $15M for more productivity software, services — and hardware

[0x4] As Apple ebook trial enters last week, it’s all about Steve Jobs

[0x5] Apple sanctions iPhone game controllers: a first clue as to how they’ll look

[0x6] So what if Apple copies your app? Get to work, like Sunrise did

[0x7] Apple got more than 4,000 user data requests from US government in last six months

[0x8] Apple has become a design follower instead of a leader — and it may be just fine with that

[0x9] 5 takeaways for iOS developers from WWDC 2013

[0xA] ICYMI podcasts: Connected pets, 7 years of GigaOM and boosted battery life on MacBook Airs

Http server Vulnerabilities in CVEMAP.ORG Powered by cxsecurity.com

Http server Vulnerabilities - CVEMAP.ORG WLB2CVEMAP Database

[0x1] CVE-2013-1862: mod_rewrite.c in the mod_rewrite module ...

[0x2] CVE-2012-4558: Multiple cross-site scripting (XSS) vuln...

[0x3] CVE-2012-3499: Multiple cross-site scripting (XSS) vuln...

[0x4] CVE-2012-5955: Unspecified vulnerability in the IBM HTT...

[0x5] CVE-2012-4557: The mod_proxy_ajp module in the Apache H...

[0x6] CVE-2012-3502: The proxy functionality in (1) mod_proxy...

[0x7] CVE-2012-2687: Multiple cross-site scripting (XSS) vuln...

[0x8] CVE-2012-0883: envvars (aka envvars-std) in the Apache ...

[0x9] CVE-2012-1181: fcgid_spawn_ctl.c in the mod_fcgid modul...

[0xA] CVE-2012-0053: protocol.c in the Apache HTTP Server 2.2...

honeyblog

A blog on honeypots, honeynets, and more...

[0x1] 2011 Honeynet Project Security Workshop Slides + Videos

[0x2] SysSec Workshop

[0x3] The Last Line of Defense - http://tllod.com

[0x4] Call for Papers: EC2ND'10

[0x5] Chaosradio Express #155

[0x6] Challenge 4 of the Forensic Challenge 2010 - VoIP

[0x7] "Is the Internet for Porn? An Insight Into the Online Adult Industry"

[0x8] USENIX LEET'10 & RAID 2010

[0x9] Technical Report: "Abusing Social Networks for Automated User Profiling"

[0xA] Twitter Spamdetector Service

The Grey Corner

A blog focused on the related subjects of software exploitation, penetration testing and computer incident detection and response.

[0x1] I is HaXoR

[0x2] DEP Bypass Tutorial for Vulnserver

[0x3] Article in Pentest Magazine - Building a pentest system using Ubuntu

[0x4] Restricted Character Set Buffer Overflow Tutorial for Vulnserver

[0x5] Egghunter based exploit for Vulnserver

[0x6] SEH Based Buffer Overflow Tutorial for Vulnserver

[0x7] Running Dradis in Apache on Ubuntu

[0x8] High Level Windows Shellcode Development Methods

[0x9] Simple Stack Based Buffer Overflow Tutorial for Vulnserver

[0xA] Exploit Writers Debugging Tutorial

The RISKS Forum

Peter G. Neumann moderates this regular digest of current events which demonstrate risks to the public in computers and related systems. Security risks are often discussed.

[0x1] Risks Digest 27.35

[0x2] Risks Digest 27.34

[0x3] Risks Digest 27.33

[0x4] Risks Digest 27.32

[0x5] Risks Digest 27.31

[0x6] Risks Digest 27.30

[0x7] Risks Digest 27.29

[0x8] Risks Digest 27.28

[0x9] Risks Digest 27.27

[0xA] Risks Digest 27.26

CERT/CC Blog

[0x1] The Risks of Microsoft Exchange Features that Use Oracle Outside In

[0x2] Keep Calm and Deploy EMET

[0x3] Don't Sign that Applet!

[0x4] Finding Patterns of Malicious Use in Bulk Registrations

[0x5] GeoIP in Your SOC (Security Operations Center)

[0x6] Second Level Domain Usage in 2012 for Common Top Level Domains

[0x7] The Growth of IPv6 Announcements

[0x8] An Alternate View of Announced IPv4 Space

[0x9] The Growth Rate of IP Addresses That Are Advertised as Usable on the Internet

[0xA] Watching Domains That Change DNS Servers Frequently

AskApache

Advanced Web Development

[0x1] King Penguin Linux Notebook

[0x2] Alienware M18xR2 Review of Dells fastest Laptop

[0x3] Bash alternative to Reflector for Ranking Mirrors

[0x4] Htaccess Rewrite for Redirecting Uppercase to Lowercase

[0x5] Separate favicons for the Frontend and Backend

[0x6] PHP fsockopen for FAST DNS lookups over UDP

[0x7] Bash Functions and Aliases for Traps, Kills, and Signals

[0x8] Bash Script to Create index.html of Dir Listing

[0x9] THE Ultimate Htaccess

[0xA] HTTP Status Codes

CSOONLINE.com - Identity Management

[0x1] Google biometrics tests show there's no magic pill for passwords

[0x2] Despite hopeful initiatives, demise of passwords years away

[0x3] The mobile game changer

[0x4] Lessons of HSPD-12

[0x5] Three ID management challenges

[0x6] Small-time ID fraud goes big time

[0x7] Government online surveillance on rise in murky legal environment

[0x8] Cyber criminals plan attack on major U.S. banks

[0x9] Federated Identity Management Still Faces Logistic Hurdles

[0xA] Identity is the new perimeter

OStatic blogs

OStatic

[0x1] OpenMandriva Releases Public Alpha

[0x2] Linux Potpourri: KDE 4.11 Beta, Debian 7.1, & Pisi Linux Beta

[0x3] Linux Foundation's 2013 Training Scholarship Program Opens

[0x4] Google's VP9 Open Video Format Rolls Out in Chromium Build

[0x5] Getting Ready for Google Readers Demise

[0x6] Getting Reader for Google Readers Demise

[0x7] For Red Hat, the Cloud Beckons

[0x8] Mozilla Launches Science Lab Project, Seeks Better Scientific Collaboration

[0x9] openSUSE Ends Week with 13.1 Milestone 2

[0xA] FLOSS Manuals Offers New, Useful Guides to Cool FOSS Applications

LinuxSecurity.com: SuSE Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Securing a Linux Web Server

[0x3] SuSE: 2012-001: systemd

[0x4] SuSE: 2011-042: Linux kernel

[0x5] SuSE: 2011-041: Linux kernel

[0x6] SuSE: 2011-040: Linux kernel

[0x7] SuSE: 2011-038: Linux kernel

[0x8] SuSE: 2011-037: Mozilla Firefox

[0x9] SuSE: 2011-036: IBM Java 1.4.2

[0xA] SuSE: 2011-035:

InformationWeek - All Stories And Blogs

InformationWeek

[0x1] The Good And Bad Of Tablets At Work

[0x2] 6 App Store Buying Criteria

[0x3] Google Defends Efforts Against Rogue Pharmacies

[0x4] Britain: The New 'Silicon Island'?

[0x5] BYOD: Why You Will Lose

[0x6] Amplify Brings Gamification To Middle-School Students

[0x7] FBI Driver's License Photo Searches Raise Privacy Questions

[0x8] HTC One Gains Share, Smaller Version Coming

[0x9] LG Racks Up 1M Optimus G Pro Sales

[0xA] 10 Tools To Beat Email Overload

Security Justice

Security Justice

[0x1] Security Justice Episode 37 – All Good Things Must Come To An End

[0x2] Security Justice Episode 36 – Security Turtles, Podcast Updates, DEFCON and Black Hat

[0x3] Security Justice Episode 35- THOTCON Edition

[0x4] Streaming Live at #THOTCON

[0x5] Security Justice Episode 34 – THOTCON, Notacon and the Penetration Testing Execution Standard with @kaospunk

[0x6] Shmoocon 2011 Podcaster Meetup Details

[0x7] Security Justice Episode 33 – ShmooCon, BSidesCLE, Notacon, THOTCON, O-ISC, AIDE and DerbyCon

[0x8] Security Justice Episode 32 – Talking Risk with Alex Hutton (@alexhutton)

[0x9] Security Justice Episode 31 – The Kevin Johnson (@secureideas) Special

[0xA] Security Justice Episode 30 – Rafal Los (@Wh1t3Rabbit) and Dave Kennedy (@dave_rel1k) at the InfoSec Summit

dropsafe

network security, digital rights and bicycles

[0x1] Wanna bet that CESG was using Man-in-the-Middle SSL with a fake cert/CA?

[0x2] Is it “Identity Theft” when people simply lie?

[0x3] Seems to be a new PDF (malware?) spam doing the rounds: “Gmail Verification Alerts”

[0x4] Mark Zuckerberg “Likes” Something That’s Awesome: Baby Foxes # FB Foxes make Gawker headlines

[0x5] This story confuses me; are Google soon to to drop XMPP (and/or GTalk) entirely?

[0x6] Hackers prepare for first “national holiday” in their honor – Boing Boing

[0x7] The Daily Beast as seen by Ghostery

[0x8] …aaaaaand I’m back.

[0x9] STOOPIDTALL – CICLAVIA 2013 – LA BIKE CULT on Vimeo #MUSTWATCH

[0xA] MUST READ: What’s wrong with “Good, clean wi-fi”?

GeekDad

Parents, Kids and the Stuff We Obsess About

[0x1] GeekDad Approved | Tech That Helps Me With Healthy Living

[0x2] GeekDad Exclusive! | Overwinding: The Short Forever — Excerpt From Douglas Rushkoff’s Present Shock

[0x3] GeekDad Exclusive! | Interview with Actor Alan Tudyk from Wreck-it Ralph

[0x4] Wayback Machine | 30 Classic Games for Simple Outdoor Play

[0x5] GeekDad Exclusive! | Apocalypto — Excerpt From Douglas Rushkoff’s Present Shock

[0x6] Wayback Machine | Top 10 Punishments for Geeks

[0x7] Puzzle me this! | A Google-a-Day Puzzle for Mar. 29

[0x8] Game on! | My PAX East 2013 Tabletop Game Highlight Reel

[0x9] Webcomics We Love | Dork Tower Thursday

[0xA] GeekDad Exclusive! | Interview with Actor Jack McBrayer from Wreck-it Ralph

Splunk Blogs

[0x1] Getting data from your REST APIs into Splunk

[0x2] Are you going to Cisco Live 2013, Orlando?

[0x3] Windows, Perfmon and Internationalization

[0x4] Get to .conf2013 – Your Data, No Limits

[0x5] Importing SharePoint ULS Logs

[0x6] Splunk Powers Up With jQuery!

[0x7] Thoughts from Microsoft TechEd North America

[0x8] SplunkIt v2.0.2 Results & EC2 Storage Comparisons

[0x9] Splunk on Splunk 3.0 Now Live!

[0xA] Running as a Windows Service

LinuxSecurity.com

The central voice for Linux and Open Source security news.

[0x1] 7 essentials for defending against DDoS attacks

[0x2] Prism doesn't have CIOs in a panic -- yet

[0x3] PNoy phone hacker denies vandalism

[0x4] Our Top-Secret Message to NSA Whistleblower Edward Snowden

[0x5] Blowback from the NSA Surveillance

[0x6] LulzSec Hacker Ryan Cleary To Be Released

[0x7] Debian: 2709-1: wireshark: Multiple vulnerabilities

[0x8] Mandriva: 2013:175: owncloud

[0x9] Debian: 2708-1: fail2ban: denial of service

[0xA] Mandriva: 2013:174: apache

HITBSecNews - Keeping Knowledge Free for Over a Decade

[0x1] It's tough at the top for anti-virus products

[0x2] Google asks to make surveillance orders public, cites First Amendment

[0x3] The NSA's Prism must be countered with public policy, says crypto guru Phil Zimmermann

[0x4] Yahoo discloses user data requests from US law enforcement agencies

[0x5] Texas becomes first state to require warrant for e-mail snooping

[0x6] Will new tectonic fault system kill the Atlantic?

[0x7] What the NSA doesn’t have: iMessages and FaceTime chats

[0x8] How CyanogenMod's founder is giving Android users their privacy back

[0x9] How to turn a Raspberry Pi into a portable Tor proxy (Onion Pi)

[0xA] British government rewards bad parents

ZDI: Published Advisories

Published Advisories

[0x1] ZDI-13-131: Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 1091 Remote Code Execution Vulnerability

[0x2] ZDI-13-130: Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 211 Remote Code Execution Vulnerability

[0x3] ZDI-13-129: Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 260 Remote Code Execution Vulnerability

[0x4] ZDI-13-128: Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 1092 Remote Code Execution Vulnerability

[0x5] ZDI-13-127: Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 305 Remote Code Execution Vulnerability

[0x6] ZDI-13-126: Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 259 Remote Code Execution Vulnerability

[0x7] ZDI-13-125: Hewlett-Packard Data Protector Cell Manager crs.exe Multiple Opcodes Remote Code Execution Vulnerability

[0x8] ZDI-13-124: Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 264 Remote Code Execution Vulnerability

[0x9] ZDI-13-123: Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 234 Remote Code Execution Vulnerability

[0xA] ZDI-13-122: Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 235 Remote Code Execution Vulnerability

Observations from a Tech Architect: Enterprise Implementation Issues & Solutions

Enterprise Technology Architect Craig Borysowich shares the challenges and achievements of enterprise solution design and implementation.

[0x1] Involving Users in the Analysis Phase

[0x2] Involving Users in Evaluating Alternatives

[0x3] Involving Users in Defining Requirements

[0x4] Project Management Techniques in Systems Integration Lifecycle (SILC)

[0x5] Is Microsoft's XBOX One signaling a change in the gaming industry?

[0x6] The Roles within Systems Integration Lifecycle Projects

[0x7] The Phases of System Integration Lifecycle (SILC)

[0x8] The Systems Integration Lifecycle (SILC)

[0x9] Systems Integration Lifecycle (SILC) Variations

[0xA] Systems Integration Lifecycle (SILC) Scope

[H]ardOCP News/Article Feed

News/Article Feed for [H]ardOCP

[0x1] Intel Recommends Stockholders Reject TRC Capital's "Mini-Tender" Offer

[0x2] Gigabyte G1.Sniper M5

[0x3] [H]ardware Round-Up II

[0x4] Nvidia To License Its GPU Technology

[0x5] Thermaltake Urban S21

[0x6] The Most Advanced Directional Sign on Earth

[0x7] Epic Response to a Cease and Desist Letter

[0x8] EA: Your Wimpy PC Can't Handle Our Games

[0x9] Yahoo On What They Shared With The Government

[0xA] Xbox One Interview of the Day

Codenomicon News - RSS Feed

Codenomicon News - RSS Feed

[0x1] New Fuzzing Platform Defensics X Released!

[0x2] Codenomicon and FH Brandenburg work together for safer tomorrow

[0x3] Codenomicon Network Analyzer wins IT Security Product of the Year Award

[0x4] MultiServiceForum Introduces Robustness Testing at VoLTE Interoperability Event

[0x5] Codenomicon warns about poor quality of Bluetooth equipment

[0x6] Webcast on NGN Security featuring Ovum Analyst

[0x7] Check out the August 2011 issue of Codenomicon Newsletter

[0x8] Codenomicon brings fuzzing to the cloud

[0x9] Codenomicon endorses rugged software movement

[0xA] The Leading Experts in Fuzz Testing Come Together in Las Vegas

Corporate News

Corporate News

[0x1] 90% of companies underestimate the volume of malicious software

[0x2] Kaspersky Lab Opens Office in Israel

[0x3] 52% of companies view careless employees as threat to sensitive data

[0x4] Top award for Kaspersky Internet Security 2013 in the MRG Effitas Real-World Protection Test

[0x5] Kaspersky Lab included in the Gartner Magic Quadrant for Mobile Device Management Software

[0x6] Only 52% of companies worldwide understand the importance of using a centralized management console

[0x7] Kaspersky Lab Uncovers ‘Operation NetTraveler,’ a Global Cyberespionage Campaign Targeting Government-Affiliated Organizations and Research Institutes

[0x8] Social networks are the most dangerous virtual ‘playground’ for children

[0x9] Kaspersky Lab is expanding its product portfolio with Kaspersky Security for Virtualization-Light Agent

[0xA] Kaspersky Internet Security 2013 wins AAA Award in Dennis Technology Labs Q1 Home Anti-Virus Protection test

Microsoft news from Network World

Breaking Microsoft news and analysis from NetworkWorld.com

[0x1] Zoom, Vidyo enhance videoconferencing offerings

[0x2] Reddit AMA: Skype founder finds it hard to say who to believe in PRISM scandal

[0x3] TechEd attendees call Surface discount deal 'crazy'

[0x4] Microsoft overhauls pricing for Azure Web services

[0x5] Cisco not looking to kill Microsoft/Skype deal, says Chambers

[0x6] How to integrate Skype with Microsoft Lync

[0x7] IDC: PC sales being crippled by tablets; Windows 8 part of the problem

[0x8] Cisco appeal of Microsoft/Skype to be heard this week

[0x9] Windows 8 Update: Microsoft sacks iPad in Windows 8 ad, joins forces with NFL

[0xA] How VMware will try to shake up the cloud market this week

IT Management & Trends White Papers

CIO, Emerging Technologies, and Project Management White Papers

[0x1] Insiders' Guide to Evaluating Remote Control Software

[0x2] Best-Practice Automation of Invoice Delivery from SAP(R) Solutions - Keeping Customers Satisfied While Making the Move

[0x3] The Learning Organization Goes Digital

[0x4] 10 Tips - IT Training Support

[0x5] How to Make Your IT Staff Smarter

[0x6] Improving Application Development with Digital Libraries

[0x7] Working Green with Digital Libraries - How it Can Help

[0x8] Minimizing Technology Project Delays with Digital Libraries

[0x9] How VMware Virtualization Right-sizes IT Infrastructure to Reduce Power Consumption

[0xA] Reduce Energy Costs and Go Green with VMware Virtualization

TaoSecurity

Richard Bejtlich's blog on digital security, concentrating on global challenges posed by China and other targeted adversaries.

[0x1] President Obama Is Right On US-China Hacking

[0x2] Pre-Order The Practice of Network Security Monitoring Before Price Hike

[0x3] Practice of Network Security Monitoring Table of Contents

[0x4] Bejtlich Teaching New Class at Black Hat in July

[0x5] Mandiant APT1 Report: 25 Best Commentaries of the Last 12 Days

[0x6] Recovering from Suricata Gone Wild

[0x7] Using Bro to Log SSL Certificates

[0x8] Practical Network Security Monitoring Book on Schedule

[0x9] On Thought Leadership and Non-Technical Relevance

[0xA] How to Win This TCP/IP Book

The Geek Stuff

Guides, HowTos and Tips for Technology Geeks

[0x1] How to Compile Linux Kernel from Source to Build Custom Kernel

[0x2] How to Write C++ Virtual Functions with Examples

[0x3] How to Force Install a Perl Module using CPAN

[0x4] 10 Practical Linux Cut Command Examples to Select File Columns

[0x5] Buffer Overflow Attack Explained with a C Program Example

[0x6] 7 Linux Uniq Command Examples to Remove Duplicate Lines from File

[0x7] How to Enable DELL BIOS Password for both Setup and System

[0x8] 5 Modem At Command Examples in Linux (How to Configure Minicom)

[0x9] 7 Linux Date Command Examples to Display and Set System Date Time

[0xA] How to Install AMQP PHP Extension and RabbitMQ Client on Linux

HolisticInfoSec

Russ McRee's HolisticInfoSec includes articles and research, as well as feedback and an occasional rant. The goal is promoting standards, simplicity, and efficiency in achieving holistic information security.

[0x1] toolsmith: Visual Malware Analysis with ProcDOT

[0x2] toolsmith: Recon-ng

[0x3] toolsmith: Implementing Redmine for Secure Project Management

[0x4] toolsmith: Redline, APT1, and you – we’re all owned

[0x5] toolsmith: Social-Engineer Toolkit (SET) - Pwning the Person

[0x6] 2012 Toolsmith Tool of the Year: ModSecurity for IIS

[0x7] toolsmith: Violent Python - A Book Review Applied to Security Analytics

[0x8] Choose the 2012 Toolsmith Tool of the Year

[0x9] toolsmith: ModSecurity for IIS

[0xA] CTIN Digital Forensics Conference - No fluff, all forensics

Veracode Security Blog: Application security research, security trends and opinions

Application security testing, analysis, and metrics

[0x1] A Guide to Internet Safety for Parents and Their Children

[0x2] OWASP Releases New Top 10. Is That 9 Too Many?

[0x3] Mobilizing the Masses: Building BYOD Security Awareness in Your Workplace

[0x4] Launch Day! Mobile Application Reputation Service

[0x5] Increasing Business with a SaaS-based Application Security Platform

[0x6] At FTC Event, Google Plays Dumb On Mobile Security

[0x7] How to Wipe Your Old Smartphone Data Before You Donate

[0x8] Review Your Exceptions Early and Often

[0x9] Report Reveals: 41% of Data Theft Hits Applications and Documents

[0xA] Veracode’s CEO a Finalist in Ernst & Young’s Entrepreneur of the Year Award

Virtual Shadows

the privacy blog!

[0x1] More on Snowden

[0x2] UK Citizens! Does the Protection of Freedom Act 2012 really protect you?

[0x3] Make a difference!

[0x4] The growing dark side of cyberspace

[0x5] The Next Web?

[0x6] MSIPR, SIPRM, PIRMS, IPMSR? No it’s PRISM!

[0x7] Dilemmas concerning privacy

[0x8] More on wire-tapping worldwide!

[0x9] NSA leak scandal and Snowden

[0xA] I’m grown up now :-D

Techworld.com operating-systems

Latest IT articles from Techworld's operating-systems channel

[0x1] Project Cauã: revolutionising IT for the masses

[0x2] Project Cauã: revolutionising IT for the masses

[0x3] John 'Maddog' Hall: Why Raspberry Pi is only the beginning

[0x4] Microsoft to include Outlook app with update to Windows 8 RT

[0x5] IDC: No end in sight for rising smartphone sales

[0x6] Foxconn, Mozilla partner for Firefox OS cellphones

[0x7] Start menu isn't back in Win 8.1, but some key features are

[0x8] Oracle, managed services provider to settle suit over third-party support

[0x9] Google tests enhanced notifications in Chrome browser

[0xA] New Kinect for Windows to improve human interaction with computers

Security Database

Security-Database help your corporation foresee and avoid any security risks that may impact your IT infrastructure and business applications.

[0x1] Alert History and ExploitDB update

[0x2] Oval Repository and vDNA Update

[0x3] Security-Database Rebirth

[0x4] Security-Database is now CWE Compatible !

[0x5] Security-Database is now CVE Compatible !

[0x6] Security-Database update is database by adding ExploitDB

[0x7] New Vendors integration HP & VMware

[0x8] Officially OVAL Adopter

[0x9] New vDNA WebService : CVSS v2 Calculator

[0xA] Security-Database OVAL Repository Update

Techworld.com operating-systems

Latest IT articles from Techworld's operating-systems channel

[0x1] Project Cauã: revolutionising IT for the masses

[0x2] Project Cauã: revolutionising IT for the masses

[0x3] John 'Maddog' Hall: Why Raspberry Pi is only the beginning

[0x4] Microsoft to include Outlook app with update to Windows 8 RT

[0x5] IDC: No end in sight for rising smartphone sales

[0x6] Foxconn, Mozilla partner for Firefox OS cellphones

[0x7] Start menu isn't back in Win 8.1, but some key features are

[0x8] Oracle, managed services provider to settle suit over third-party support

[0x9] Google tests enhanced notifications in Chrome browser

[0xA] New Kinect for Windows to improve human interaction with computers

Andy ITGuy - Information Security Blog

A voice of reason in a world of FUD

[0x1] Opps, Did I do that?

[0x2] What ever happened to professional courtesy?

[0x3] The Disclosure Debate Continues….. (part 1,453, 769) to be continued

[0x4] ATM Security (and really learning from the past)

[0x5] Biting the hand that feeds you

[0x6] Episode 100 of the Southern Fried Security Podcast

[0x7] So What?

[0x8] There are no hacktivists

[0x9] Hello World, Again

[0xA] On security awareness training

XSSed syndication

You are welcome to syndicate and share xssed.com contents

[0x1] Another Ebay permanent XSS

[0x2] F-Secure, McAfee and Symantec websites again XSSed

[0x3] Happy New Year 2012!

[0x4] Not surprisingly, McAfee websites are susceptible to XSS attacks

[0x5] Secure Amazon Seller Central password reset page XSSed

[0x6] EV SSL-secured live PayPal site vulnerable to XSS

[0x7] Persistent XSS bug discovered on eBay

[0x8] More American Express sites vulnerable to XSS and open redirects

[0x9] Cross-site scripting hole in American Express site using EV SSL

[0xA] Amazon hit by persistent XSS vulnerability

Computerworld Blogs

[0x1] 2013 Apple MacBook Air: Great battery, but pricey and limited

[0x2] The dangers of bypassing web filters

[0x3] Worried about the NSA? Try the postal service instead

[0x4] With 4 million unsold Surface tablets, Microsoft slashes prices for schools

[0x5] How to make your whole home screen look like Google Now

[0x6] Apple is planning a liquid-cooled iPhone (and so are Samsung and HTC)

[0x7] In era of sequestration, data storage optimization key for government agencies

[0x8] Nope, we're just spying on that guy behind you

[0x9] Derned right geeks are funny!

[0xA] Single critical update fixes all versions of Internet Explorer

got privacy?  Musings on the state of Privacy in a connected world. - Blog

Blog

[0x1] Why Information Security (InfoSec) differs from Information Technology security (IT Security)

[0x2] How to get the most bang from your Conference buck.

[0x3] Accessibility and Privacy. A Zero Sum Game?

[0x4] How will you mark Data Privacy Day?

[0x5] Securing Virtual Worlds

[0x6] Why “Gap” is a 4-letter word (part 1)

[0x7] Man drives into post. World gasps.

[0x8] Privacy implications of Twitter Lists

[0x9] Privacy After Death

[0xA] To Google or not to Google? That is the Ethical question.

C-skills

A blog dedicated to software and network trickery.

[0x1] OpenSSL PrivSep trickery

[0x2] Nirvana trickery

[0x3] CLONE_NEWUSER trickery: CVE-2013-1858

[0x4] c25k problem solved

[0x5] lophttpd caching trickery

[0x6] Valentine pam_fprintd trickery

[0x7] grep vs. grab

[0x8] What is a dzug?

[0x9] New Android lophttpd binaries

[0xA] lophttpd https trickery

Zone-H.org Defacements

Latest defacements published by Zone-H.org

[0x1] http://linkoverseas.in

[0x2] http://khajuribazaar.com

[0x3] http://moirasariya.com

[0x4] http://jmaindore.com

[0x5] http://kalakarbooking.com

[0x6] http://kidzberry.in

[0x7] http://lakhichandandsons.com

[0x8] http://megastatic.com

[0x9] http://multilandindia.com

[0xA] http://myunicusindia.com

Rootsecure.net

The security news site for systems administrators & hackers - keeping you informed about all the top security news stories updated daily

[0x1] Cisco Zine: How to create self-signed certificates

[0x2] Cisco Zine: Unicast flooding due to asymmetric routing

[0x3] Acros Security: Adobe Reader X (10.1.2) msiexec.exe Planting

[0x4] Cisco Zine: Twelve Cisco vulnerabilities

[0x5] Marco Ramilli's Blog: CVE-2012-0507

[0x6] Cisco Zine: How to perform SSH RSA User Authentication

[0x7] Offensive Security: FreePBX Exploit Phone Home

[0x8] Cisco Zine: Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera buffer overflow

[0x9] arstechnica: How Anonymous plans to use DNS as a weapon

[0xA] arstechnica: Doxed: how Sabu was outed by former Anons long before his arrest

Black Hat Announcements

Black Hat Digital Self Defense. Black Hat provides cutting edge content in the information and computer security field. Keep up to date with Black Hat presentations, announcements, and free content.

[0x1] Black Hat USA 2010 Training: Pentesting with Backtrack by Offensive Security

[0x2] Black Hat USA 2010 Training: Application Security: For Hackers and Developers

[0x3] Black Hat USA 2010 Training: Assaulting IPS

[0x4] Free Black Hat March Webcast - Pen Testing the Web with Firefox by Michael Schearer ("theprez98")

[0x5] Black Hat USA 2010 Registration Now Open!

[0x6] Black Hat USA 2010 Call for Papers Closes May 1

[0x7] Black Hat Europe 2010 Call for Papers Closes March 1

[0x8] Feb 18 Webcast

[0x9] Black Hat DC 2010 - News - Security chip that does encryption in PCs hacked

[0xA] Black Hat DC Keynote

CNET News - Security & Privacy

[0x1] BlackBerry Z10 incurs 'critical' security warning

[0x2] North Korea calls U.S 'kingpin of human rights abuses' following NSA leaks

[0x3] Obama: NSA spying doesn't mean 'abandoning freedom'

[0x4] School iris-scanned students without telling parents

[0x5] Miss Alabama's beautiful confusion about NSA surveillance

[0x6] NSA leaked documents reveal U.S. spied on Russian president

[0x7] Purdue students charged with switching prof's keyboard to improve grades

[0x8] Verizon, T-Mobile foreign stakes make data collection harder

[0x9] Malware masquerading as Bad Piggies found on Google Play

[0xA] Symantec axing as many as 1,700 jobs, says report

Why Joseph

InfoSec Thoughts Ideas and Practice

[0x1] SQLi with Python and DVWA: article 201304

[0x2] Python Script to Log Into DVWA: article 201303

[0x3] Python Script to Connect to and Start Web Goat: article 201302

[0x4] Link Scraper using Python: article 201301

[0x5] XSS for Stealing Cookies and Mozzila for Using Them: article 201207

[0x6] Screen Scraper in Python: article 201206

[0x7] tshark and airmon-ng to capture SSID broadcasts: article 201205

[0x8] My Experience Building a MiniPwner: article 201204

[0x9] De-Obfuscation of a Phishing Attack: article 201203

[0xA] Busting an Attacker: article 201202

Technology News

Get the latest technology news, comment and anlaysis from the Telegraph.

[0x1] Huawei Ascend P6 review

[0x2] Labels relegated to history as laser branding appears on fruit

[0x3] Yuri Gagarin movie attracts criticism

[0x4] Chinese supercomputer is world's fastest at 33,860 trillion calculations per second

[0x5] Parents fear children are still at risk despite child porn curbs

[0x6] Culture Secretary: internet companies will proactively police child abuse images

[0x7] Huawei Ascend P6: review of world's thinnest phone

[0x8] Huawei Ascend P6: world's thinnest phone launches

[0x9] UK internet providers commit £1m to eradicate child porn

[0xA] Analysis: G20 plans for a global IP regime and universal internet access

OSF Data Loss - The Blotter

This feed contains the latest blotter articles posted to datalossdb.org.

[0x1] 4 guilty in identity theft, tax fraud ring

[0x2] Ex-bank manager charged in theft of $28K

[0x3] Why Texans Should Be Most Worried About Identity Theft

[0x4] Proposed Rule Could Help Kids Replace Stolen Social Security Numbers

[0x5] Identity thieves don't steal just credit cards

[0x6] Florida's Identity-Theft Rate Dwarfs Others

[0x7] Paralegal sentenced in theft of $400,000 from Foley lawyer which destroyed victims' livelihoods

[0x8] Orlando, N.Y. criminals stole millions in tax refund fraud

[0x9] Human Resources Canada faces 4 lawsuits over lost data

[0xA] ID theft biggest fraud threat, says Cifas

Learning Solaris 10

Check out the Zones F.A.Q. !

[0x1] CentOS 3.9 running in an lx branded zone

[0x2] OpenSolaris & Sun Secure Global desktop

[0x3] Opensolaris & wifi Broadcom BCM4312 on Dell Vostro 1710

[0x4] Security Advantages of the Solaris Zones Software

[0x5] Understanding the Security Capabilities of Solaris Zones Software

[0x6] New blueprint over the M-Series servers configuration

[0x7] Sun Forums: A Sun Java System Web Server 7.0 Reference Deployment

[0x8] Network virtualization in Solaris : project Crossbow

[0x9] Setting Up OpenDS 1.0.0 as a Naming Service

[0xA] Sun Fire X4500 as a Media Server for Symantec Veritas NetBackup 6.5

Dr Anton Chuvakin Blog PERSONAL Blog

LogChat: Andrew Hay and Anton Chuvakin talk about logging, log management and related topics

[0x1] Monthly Blog Round-Up – May 2013

[0x2] Monthly Blog Round-Up – April 2013

[0x3] Monthly Blog Round-Up – March 2013

[0x4] Monthly Blog Round-Up – February 2013

[0x5] Monthly Blog Round-Up – January 2013

[0x6] Annual Blog Round-Up – 2012

[0x7] Monthly Blog Round-Up – December 2012

[0x8] Links for 2013-01-10 [del.icio.us]

[0x9] Links for 2013-01-07 [del.icio.us]

[0xA] Links for 2013-01-06 [del.icio.us]

Welcome to the Frontpage

ThreatChaos. News, views and analysis. A security blog providing original research from the IT-Harvest team.

[0x1] Fallout from the Christmas hack of Stratfor

[0x2] There is no billion dollar market for mobile AV

[0x3] Granular application control drives next gen firewalls

[0x4] Modern malware defense

[0x5] Don't black list white listing

[0x6] The new Entrust

[0x7] Out of band authentication: PhoneFactor

[0x8] WatchGuard and UTM

[0x9] Reputation services enhance IPS

[0xA] Multi-channel authentication is an alternative to tokens

Rational Survivability

Hoff's Ramblings about Information Survivability, Information Centricity, Risk Management and Disruptive Innovation.

[0x1] An Ode To Glass

[0x2] Video Of My ’12 Microsoft Bluehat Talk: Sh*t My Cloud Evangelist Says

[0x3] Intel TPM: The Root Of Trust…Is Made In China

[0x4] Incomplete Thought: Where Is the Technology Disruption Forcing REAL Change In Security?

[0x5] Wanna Be A Security Player? Deliver It In Software As A Service Layer…

[0x6] NIST’s Trusted Geolocation in the Cloud: PoC Implementation

[0x7] On Puppy Farm Vendors, Petco and The Remarkable Analog To Security Consultancies/Integrators…

[0x8] Are Flat Networkers Like Flat Earthers Of Yore?

[0x9] CloudPassage: Security & The Cloud 2012…

[0xA] The Tyranny Of Taming (Network) Traffic: Steering, Service Insertion and Chaining…

cryptography on SWiK

[0x1] Stream-Cipher-Test-Algorithm-1

[0x2] cryptoolinux

[0x3] del.icio.us/popular/cryptography

[0x4] password

[0x5] mosref

[0x6] MatrixSSL - embedded SSL for devices

[0x7] Cryptonit

[0x8] turbid

[0x9] cryptlib

[0xA] Galois Field Arithmetic Library

The Hacker's Choice - Freeworld News

News around The Hacker's Choice including releases, papers, exploits and other activities

[0x1] Hydra v6.5 is now available!

[0x2] Hydra v6.4 is now available with module enhancements and ...

[0x3] THC T-Shirts for 2011 can now be ordered.

[0x4] Get the new thc-ipv6 v1.6 release - lots of cool new tool...

[0x5] Hydra v6.3 is available with new oracle and smtp-enum mod...

[0x6] Amap v5.4 is now available which fixes an IPv6 bug introd...

[0x7] Amap v5.3 is now available.

[0x8] Hydra v6.2 is available with a new password bruteforcing ...

[0x9] Join the THC t-shirt design contest!

[0xA] Hydra v6.1 is available with SSHv1 support, a few fixes a...

SecTechno

Information Security Blog

[0x1] Oracle plans to fix 40 holes in Java

[0x2] Weevely 1.1 – PHP Webshell

[0x3] OWASP published 2013 Top 10 Vulnerabilities

[0x4] Android hit by a sophisticated malware

[0x5] Malwasm – Offline malware debugging tool

[0x6] Study: after one month 93% of users still vulnerable to Java attacks

[0x7] CrowdInspect Malware Forensic Program

[0x8] Beware of OSX/KitM Mac Spyware

[0x9] TrendMicro Warn of WORM_PIZZER.A

[0xA] BackBox 3.05 – Penetration Testing Distribution!

Capi's Corner

Development, Network, Security, Ideas & Opinions

[0x1] HOWTO: Fully encrypted vServer with Ubuntu 12.04

[0x2] A geek’s unified instant messaging setup

[0x3] Fix two Ubuntu 10.04 window manager annoyances

[0x4] The power of git aliases

[0x5] OCZ Vertex2, Linux, and ancient nForce 430 chipset

[0x6] Remaining Windows Vista/7 “rearm count”

[0x7] Novatel Merlin U740 using only Windows 7 onboard tools

[0x8] tr.im to be shut down

[0x9] URL shortening services soon to be under siege?

[0xA] Windows Vista Home/Business/Enterprise has a telnet client, too

Technolust since 2005

Trust Your Technolust

[0x1] Hak5 1417 – HackRF update, Mailvelope weaknesses and Makers

[0x2] LA Hackerspace Hangout

[0x3] LA Meetup Afterparty

[0x4] Threat Wire 0029 – Megaupload Victory and Evernote Gets More Secure

[0x5] Hak5 1416 – Aerial Infrared Photography Project and New Arduinos

[0x6] Los Angeles Meetup – June 22

[0x7] 5 Cylinder Forced Induction Giggle Zone – Hack Across America Vlog

[0x8] Threat Wire 0028 – Twitter Two-Step Authentication

[0x9] Auto Edit And Upload to Youtube – Hack Across America Vlog

[0xA] Hak5 1415 – OverLand Expo 2013 and Raspberry Pie Updates

Hungry Hacker

The Hungry Hacker's Explanation of Everything

[0x1] Our DSL Modem was overheating…

[0x2] Review: Logitech G330 Headset

[0x3] FreeBSD on Linode

[0x4] Buggy Digital Volume Controls

[0x5] Fixing an Office Chair

[0x6] Buying a little more time from my Microsoft Optical Mouse

[0x7] lspci for Windows… Sort of…

[0x8] Super-caching with TimThumb

[0x9] Low-pressure Spyder with Pure Energy Regulator

[0xA] UPnP-IGD on FreeBSD with PF

LinuxSecurity.com: FreeBSD Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Securing a Linux Web Server

[0x3] FreeBSD: Kernel memory disclosure in procfs and linprocfs

[0x4] FreeBSD: fetch Overflow error

[0x5] FreeBSD: syscons Boundary checking errors in syscons

[0x6] FreeBSD: cvs number of vulnerabilities

[0x7] FreeBSD: kernel Improper memory access vulnerability

[0x8] FreeBSD: kernel Excessive privilege vulnerability

[0x9] FreeBSD: core:sys Buffer cache invalidation vulnerability

[0xA] FreeBSD: cvs Heap overflow vulnerability

DVLabs: Published Advisories

Published Advisories

[0x1] TPTI-12-05 - Oracle AutoVue ActiveX SetMarkupMode Remote Code Execution Vulnerability

[0x2] TPTI-12-06 - Hewlett-Packard Data Protector DtbClsAddObject Parsing Remote Code Execution Vulnerability

[0x3] TPTI-12-04 - Samba NDR PULL EVENTLOG ReportEventAndSourceW Heap Overflow Remote Code Execution Vulnerability

[0x4] TPTI-12-03 - Adobe Reader X True Type Font MINDEX Remote Code Execution Vulnerability

[0x5] TPTI-12-02 - Novell iPrint Client ActiveX GetPrinterURLList2 Remote Code Execution Vulnerability

[0x6] TPTI-12-01 - Oracle Java True Type Font IDEF Opcode Parsing Remote Code Execution Vulnerability

[0x7] TPTI-11-15 - Novell ZENWorks Software Packaging ISGrid.Grid2.1 bstrSearchText Parameter Remote Code Execution Vulnerability

[0x8] TPTI-11-14 - Adobe Shockwave DEMX Remote Code Execution Vulnerability

[0x9] TPTI-11-13 - McAfee SaaS myCIOScn.dll Scan Method Script Injection Remote Code Execution Vulnerability

[0xA] TPTI-11-12 - McAfee SaaS MyAsUtil5.2.0.603.dll SecureObjectFactory Instantiation Design Flaw Remote Code Execution Vulnerability

Black Hat Forum Black Hat SEO

BlackHatWorld is the SEO Forum dedicated to learning Internet Marketing, Discovering new SEO, cloaking, doorway pages, blogging, automatic content generators and more. Master the ART of "BlackHat"!

[0x1] Offer For Noobs Who Wanna Make Some Money

[0x2] Comment liker

[0x3] What exactly is Jr. VIP and what does it offer?

[0x4] Contact 100 fiverr providers

[0x5] iMacro Facebook Event Script

[0x6] Best WP theme for authority site?

[0x7] white hat seo vs black hat seo

[0x8] Amazing Template - can anyone identify?

[0x9] Manual comment poster needed

[0xA] SpinRewrite or WordAi Which one To Choose ?

CSOONLINE.com - Security Industry

[0x1] Why you need a security buddy (and how to find one)

[0x2] Using security skills for charitable cause

[0x3] Women leaders in security recognized

[0x4] Why security is in denial about awareness

[0x5] How valuable are security certifications today?

[0x6] Hot security skills of 2013

[0x7] Mandiant gains instant fame after Chinese hack report

[0x8] 15 tips for landing - and acing - a job interview

[0x9] Dabbling in the dark arts

[0xA] Cloud security rebuttal: Don't rebuke the many for the sins of the few

LinuxSecurity.com: Debian Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Securing a Linux Web Server

[0x3] Debian: 2709-1: wireshark: Multiple vulnerabilities

[0x4] Debian: 2708-1: fail2ban: denial of service

[0x5] Debian: 2707-1: dbus: denial of service

[0x6] Debian: 2706-1: chromium-browser: Multiple vulnerabilities

[0x7] Debian: 2705-1: pymongo: denial of service

[0x8] Debian: 2704-1: mesa: out of bounds access

[0x9] Debian: 2703-1: subversion: Multiple vulnerabilities

[0xA] Debian: 2702-1: telepathy-gabble: TLS verification bypass

Rational Survivability

PLEASE NOTE: I HAVE PERMANENTLY MOVED MY BLOG TO http://www.rationalsurvivability.com/blog <-- All these posts/comments have been moved there and all new posts since May 2009 appear there.

[0x1] IMPORTANT REMINDER: My Blog and RSS Feed Have Moved To http://www.rationalsurvivability.com/blog

[0x2] IMPORTANT REMINDER: My Blog and RSS Feed Have Moved

[0x3] IMPORTANT: Moving My Blog & RSS Feed

[0x4] BeanSec! Wednesday, March 18, 2009 - 6PM to ?

[0x5] How To Be PCI Compliant in the Cloud...

[0x6] On the Overcast Podcast with Geva Perry and James Urquhart

[0x7] More On Clouds & Botnets: MeatClouds, CloudFlux, LeapFrog, EDoS and More!

[0x8] Source Boston - Video Interviews of Security Rockstars...

[0x9] Oh Noes: We Can't Monitor/Protect Against Intra-VM Traffic!

[0xA] Sun vs. Cisco? I'm Getting My Popcorn...

Oracle Security Alerts

Security Alerts Issued by Oracle

[0x1] Oracle Java SE Critical Patch Update Advisory - June 2013

[0x2] Oracle Java SE Critical Patch Update Advisory - April 2013

[0x3] Oracle Critical Patch Update Advisory - April 2013

[0x4] Oracle Security Alert for CVE-2013-1493 - 04 Mar 2013

[0x5] Updated Release of the Oracle Java SE Critical Patch Update - February 2013

[0x6] Oracle Java SE Critical Patch Update Advisory - February 2013

[0x7] Oracle Critical Patch Update Advisory - January 2013

[0x8] Oracle Security Alert for CVE-2013-0422 - 13 Jan 2013

[0x9] Oracle Critical Patch Update Advisory - October 2012

[0xA] Oracle Java SE Critical Patch Update Advisory - October 2012

SearchSecurity: Threat Monitor

Tactical advice on defending against current threats, including viruses, worms, spyware and bots.

[0x1] Surviving cyberwar: Preparing for APTs, Stuxnet malware-style attacks

[0x2] Crisis Trojan, new Mac OSX Trojan, considered a low risk for now

[0x3] Social engineering penetration testing: Four effective techniques

[0x4] Reassessing Mac enterprise security in face of Flashback malware

[0x5] Diagram outside firm role early in security incident response process

[0x6] Analysis: Vast IPv6 address space actually enables IPv6 attacks

[0x7] Securely implement and configure SSL to ward off SSL vulnerabilities

[0x8] How to prevent a WPS flaw from damaging enterprise wireless security

[0x9] DoS attack responses demand better business continuity plans

[0xA] Web-facing applications: Mitigating likely Web application threats

EarthWeb IT Management News & Views

EarthWeb IT Management News & Views offers busy IT managers up-to-date reports and insightful analysis of IT industry trends.

[0x1] LinuxCon: Linux's Future in the Spotlight

[0x2] Google Wave Partner SAP Says StreamWork Still On Track

[0x3] Skype Files for $100 Million IPO

[0x4] Mobile BI Review: MicroStrategy Puts Business Intelligence on Your iPhone

[0x5] The Continually Changing Role of the CIO

[0x6] Senate Dems Push Data Breach Bill

[0x7] Guide to Virtual Desktop Setup

[0x8] Top Ten Web Malware Threats

[0x9] Windows Azure Gains Single Sign-On Support

[0xA] Best Smartphones for Microsoft Exchange

OVAL News

OVAL news headlines for the latest compatible products, data and schema updates, upcoming conferences, new Web site features, OVAL in the news, etc.

[0x1] Registration Now Open for MITRE’s Developer Days 2013 on July 22-24

[0x2] GCP Global Posts OVAL Adoption Questionnaire to Become Official OVAL Adopter

[0x3] Information-technology Promotion Agency, Japan (IPA) Posts OVAL Adoption Questionnaire to Become Official OVAL Adopter

[0x4] MITRE Hosts Community Call about "OVAL for Android"

[0x5] OVAL Board Meeting Minutes Now Available

[0x6] MITRE Hosting "OVAL for Android" Community Call on May 6

[0x7] OVAL a Main Topic of Cisco Webinar about Security Automation

[0x8] OVAL Board Meeting Minutes Now Available

[0x9] OVAL Interpreter Updated to Version 5.10.1.5

[0xA] OVAL Board Holds Teleconference Meeting

InfoSecPodcast.com

[0x1] Bit9 hacked and keys used to sign malware

[0x2] Help Desk as a Cyber Threat Intel source

[0x3] Cyber Intelligence Challenges

[0x4] My SC Magazine article on Cyber Threat Intel sharing

[0x5] PGP on iPhone / iPad

[0x6] New InfoSec positions open in Maine

[0x7] Cyber Janitors? Really?

[0x8] Taking SANS FOR610 malware forensics class

[0x9] APT and attribution

[0xA] McAfee acquires NitroSecurity

2600: The Hacker Quarterly

Off The Hook and Off The Wall

[0x1] Off The Wall show for June 18, 2013

[0x2] Off The Hook show for June 12, 2013

[0x3] NEW CLUB-MATE SHIPMENT IS IN - MORE SHIPPING OPTIONS

[0x4] TESLA BILLS ARE BACK!

[0x5] SPRING ISSUE OF 2600 RELEASED

[0x6] VOLUME 25 OF 2600 NOW ONLINE - DRM FREE - IN KINDLE, NOOK, AND PDF FORMATS

[0x7] WINTER ISSUE OF 2600 RELEASED

[0x8] VOLUME TWO OF 2600 NOW ONLINE - DRM FREE - IN KINDLE, NOOK, AND PDF FORMATS

[0x9] AN OPEN LETTER TO OUR LISTENERS FROM THE STAFF OF "OFF THE HOOK"

[0xA] THE FIFTH HOPE VIDEO ARCHIVE NOW ONLINE

MITRE Career News

The MITRE Career News feed offers stories about working at MITRE, from our popular Employee Spotlight features, to useful information about upcoming recruiting events and more.

[0x1] A Passion for Problem Solving Fuels Career Success

[0x2] Harnessing the Power of Data to Improve Risk Management

[0x3] The Grease that Keeps the MITRE Labs' Wheels Spinning

[0x4] MITRE's Princeton Site is a Hotbed for Quantum Information

[0x5] MITRE's Expanding Role in Health Care Policy

[0x6] A Career that Evolves with the Nation's Aviation System

[0x7] Improving Health IT Is a Personal Mission for MITRE Engineer

[0x8] Software Engineer Sees the Difference She's Making for Warfighters on Patrol

[0x9] Helping the Army Manage Its IT Assets from Fort Huachuca

[0xA] MITRE's Vandenberg AFB Site Supports DoD's Space Mission

Liquidmatrix Security Digest

Bringing Fire To The Village: Your Source For Computer, Network & Information Security News

[0x1] Liquidmatrix Security Digest Podcast – Episode 2C

[0x2] Liquidmatrix Security Digest Podcast – Episode 2B

[0x3] No security without maturity

[0x4] Liquidmatrix Security Digest Podcast – Episode 2A

[0x5] LinkedIn Links Up With Two Factor Auth

[0x6] Turkey Dialup Access

[0x7] YourAnonNews Twitter Account Compromised

[0x8] Evernote Rolls Out Two Factor Auth

[0x9] Amazon Rolls Out “Login” 2FA

[0xA] Rob Ford’s former staffers’ emails, telephone records ordered destroyed: sources

good coders code, great reuse

Peteris Krumins' blog about programming, hacking, software reuse, software ideas, computer security, google and technology.

[0x1] A Simple LD_PRELOAD Tutorial, Part 2

[0x2] I published another 10 of my projects to GitHub

[0x3] A Simple LD_PRELOAD Tutorial

[0x4] Visualization of Regular Expression Character Classes

[0x5] TCP Traceroute

[0x6] Browserling now has Internet Explorer 10!

[0x7] Idea for later - a 1:1 teaching meetup network

[0x8] How to write Testling-CI tests

[0x9] Announcing Testling-CI

[0xA] The `sudo chroot /chroot su - user -c "cmd args"` trick

Famous Pete Wood Security

My friends tease me about my role in promoting First Base Technologies through public speaking, articles and interviews ... hence calling me 'Famous Pete Wood Security'

[0x1] Peru Trek

[0x2] User awareness

[0x3] Out of the Blue: Responding to New Zero-Day Threats

[0x4]

[0x5] Cloud Security Alliance UK & Ireland

[0x6] Cyber Security In Real-Time Systems and CNI

[0x7] Cloud Security Alliance UK and Ireland

[0x8] A Software Engineer, a Hardware Engineer and a Departmental Manager ...

[0x9] Festive Greetings

[0xA] Fighting malware in your browser

SecurityVibes UK

Security & Compliance Community

[0x1] The analyst view: 2011 in perspective

[0x2] The pen tester’s view of 2011: awareness rises but complacency reigns

[0x3] Stratfor clients braced for disclosures

[0x4] Northrop Grumman and Finmeccanica aim for NATO cyber role

[0x5] Security poised for place on government fast track?

[0x6] Spammers turn on festive themes

[0x7] Company bosses: barrier to security in essential services

[0x8] Cisco: get to work on known unknowns in 2012

[0x9] Tough cookies – ICO on new privacy rules

[0xA] Are reports of the death of the hardware token premature?

Security Watch

[0x1] Weekly Security Newsletter, November 4

[0x2] End of Year Security Reports, The Complete List

[0x3] GSM Security, 2011

[0x4] Ad Networks Drive-by Download attack

[0x5] Materials, SecTor 2010

[0x6] Google Hacking Database Reborn

[0x7] Reports, State of the Internet 2010, CA Threat Landscape

[0x8] Materials, VB2010 conference

[0x9] Reports, NSSLabs Consumer Anti-Malware Products Test Report Q3 2010

[0xA] Materials, HITB Malaysia, 2010

The new Security and Penetration Testing Community

A new Information and Penetration Testing Protal for all security and network professionals. The site include a number of whitehat hacking tools and documents like nmap,dsniff,etterkap,yersinia,cisco security.

[0x1] Advance Web Hacking

[0x2] Honeypot

[0x3] The Conflicker Worm

[0x4] Thoughts on Security of the Corporate documents

[0x5] Are Security Audits necessary ?

[0x6] RFID, its implications and how to defeat

[0x7] Assesing Risks

[0x8] FBI Raids: Pertinent or Paranoid?

[0x9] Protecting Children Online

[0xA] Sarbanes Oxley and IT

NYT > Cryptography

News about Cryptography, including commentary and archival articles published in The New York Times.

[0x1] Britain’s GCHQ Uses Online Puzzle to Recruit Hackers

[0x2] How Revolutionary Tools Cracked a 1700s Code

[0x3] How 18th-Century Copiale Cipher Was Cracked

[0x4] One-Time Pad Encryption Dates Back to Telegraph Codebook

[0x5] A Crack in the Code Kryptos Is Keeping

[0x6] Debate Over P vs. NP Proof Highlights Web Collaboration

[0x7] Universities Spar Over Disappearing Electronic Messages

[0x8] Goodbye, Passwords. You Aren’t a Good Defense.

[0x9] Adding Math to List of Security Threats

[0xA] Studios’ DVDs Face a Crack in Security

Feed: Blogs

Contains: 14 categories / 1670 items. Last Updated: 2013-06-18 18:31:55.693297+00:00 Average Rating: 5

[0x1] US PRISM surveillance program and Yahoo’s reaction

[0x2] Oracle fixes 40 Java vulnerabilities today

[0x3] Flash vulnerability allows web cam/microphone spying

[0x4] Treating cyberspace as a new military domain

[0x5] Monitoring and analysis of ZeuS-P2P botnet

[0x6] Can quantum computing be the key to a much safer power grid?

[0x7] It's Patch Tuesday again

[0x8] When Security Poses a Security Threat

[0x9] Will New HIPAA Rules Impact Your Organization?

[0xA] June’s Newsletters Teaser

CSOONLINE.com - Federated Identity

[0x1] Three ID management challenges

[0x2] Federated Identity Management Still Faces Logistic Hurdles

[0x3] Leverage government innovation to reduce the risks of Web 2.0 identity management

[0x4] SaaS, Security and the Cloud: It's All About the Contract

[0x5] Social Networking a Tool for More Secure Identity Management? No Joke!

[0x6] News Flash: Data Debauchery That Happens in Vegas Doesn't Stay There

[0x7] Why Security Pros Hate Microsoft SharePoint (and What to Do About It)

[0x8] Federated ID: An Idea Whose Time Never Came?

[0x9] Identity Management: Implementation Dos and Dont's

[0xA] Identity Management: Critical Components

Network World on Firewalls

The latest firewall news, analysis and reviews on NetworkWorld.com.

[0x1] McAfee offers business endpoint security suites for broader protection

[0x2] McAfee to acquire firewall maker Stonesoft

[0x3] Sophos fixes vulnerabilities in its Web security appliance

[0x4] Where do Cisco's network security plans go from here?

[0x5] Security appliances are riddled with serious vulnerabilities, researcher says

[0x6] Users flock to Japan student's firewall-busting thesis project

[0x7] Kaspersky Internet Security 2013 bug can lead to system freeze

[0x8] Barracuda Networks takes further steps to close backdoor access to its network gear

[0x9] Kaspersky Lab adds mobile and system management to its business security offering

[0xA] Check Point, Juniper, Stonesoft shine in low-end network firewall test

Rational Survivability

PLEASE NOTE: I HAVE PERMANENTLY MOVED MY BLOG TO http://www.rationalsurvivability.com/blog <-- All these posts/comments have been moved there and all new posts since May 2009 appear there.

[0x1] IMPORTANT REMINDER: My Blog and RSS Feed Have Moved To http://www.rationalsurvivability.com/blog

[0x2] IMPORTANT REMINDER: My Blog and RSS Feed Have Moved

[0x3] IMPORTANT: Moving My Blog & RSS Feed

[0x4] BeanSec! Wednesday, March 18, 2009 - 6PM to ?

[0x5] How To Be PCI Compliant in the Cloud...

[0x6] On the Overcast Podcast with Geva Perry and James Urquhart

[0x7] More On Clouds & Botnets: MeatClouds, CloudFlux, LeapFrog, EDoS and More!

[0x8] Source Boston - Video Interviews of Security Rockstars...

[0x9] Oh Noes: We Can't Monitor/Protect Against Intra-VM Traffic!

[0xA] Sun vs. Cisco? I'm Getting My Popcorn...

Upcoming Security Alerts

Upcoming Security Alerts

[0x1] Oracle Database

[0x2] Oracle Database

[0x3] Oracle Database

[0x4] Oracle Secure Enterprise Search

[0x5] Documentation bug concerning a special privilege

[0x6] Oracle Database

[0x7] Oracle Database

[0x8] Oracle Database

[0x9] Oracle Database

[0xA] Oracle Database

Exploit Files ≈ Packet Storm

Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers

[0x1] MoinMoin twikidraw Action Traversal File Upload

[0x2] Solaris 10 Patch Cluster File Clobber

[0x3] Joomla Cryptography Weakness

[0x4] Canon Printer DoS / Secret Disclosure

[0x5] imacs CMS 0.3.0 Shell Upload

[0x6] Et-Chat 3.07 Privilege Escalation / Shell Upload

[0x7] Bloofox CMS 0.5.0 Shell Upload

[0x8] Havalite CMS 1.1.7 Shell Upload

[0x9] SPBAS Business Automation Software 2012 XSS / CSRF

[0xA] Fly-High CMS 2012-07-08 Shell Upload

Latest Articles on Security

ZDNet UK's news and analysis for business leaders includes 10,492 articles on Security

[0x1] Chip-and-pin bypass used in £48m fraud scheme

[0x2] MI5 chief: Massive cybercrime wave putting businesses at risk

[0x3] NatWest failure: Special report

[0x4] NatWest faces probe, compensation claims over balance glitch

[0x5] RBS faces probe, compensation claims over balance glitch

[0x6] Bromium's new twist on BYOD malware: Cordon it off with micro VMs

[0x7] Communications Data Bill is suffering from a communications breakdown

[0x8] Opposition grows to 'Snoopers' Charter' amid data-mining fears

[0x9] LulzSec suspect Cleary indicted in US over X Factor hack

[0xA] 'Snoopers' charter' will force ISPs to monitor Facebook, Twitter

LinuxSecurity.com: Foresight Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Securing a Linux Web Server

[0x3] Foresight: firefox

[0x4] Foresight: python

[0x5] Foresight: firefox

[0x6] Foresight: imageop

[0x7] Foresight: nss_ldap

[0x8] Foresight: rsync

[0x9] Foresight: e2fsprogs

[0xA] Foresight: tetex

Leetupload News

The latest news for Leetupload.com's largest hacker's database!

[0x1] Mind the Gap!

[0x2] No Root for You -- ISACA

[0x3] Good.Times.Search.Engine -- Hack a Day

[0x4] New Tutorial - How the Microprocessor Works

[0x5] Famous - Copper Heatsink/Wine Chiller Idea on engadget and Hack a Day!

[0x6] Copper Heatsink on the Rocks Mod Finished

[0x7] Another Tutorial - Technical Practical Jokes

[0x8] New Tutorial - Campus WarWalking

[0x9] IRC Up For Use, and IRC Java Client is Here to Stay!

[0xA] VIRII AND EXPLOIT DATABASE IS UP!

National Security

National Security

[0x1] Secret Surveillance Credited With Preventing Terror Acts

[0x2] Will The U.S. Military Really Welcome Women On Battlefields?

[0x3] Obama's Unplanned NSA Discussion

[0x4] Obama's Former Legal Adviser Urges U.S. To 'Disciple Drones'

[0x5] President Obama, 'Honest And Trustworthy?'

[0x6] Why The FISA Court Is Not What It Used To Be

[0x7] NSA Leaker Snowden Defends Actions In Live Web Chat

[0x8] After SCOTUS DNA Ruling, What Changes For Police?

[0x9] 'Guardian': Documents Show Britain, U.S. Spied At World Summits

[0xA] Obama To Name Top Lawyer As Guantanamo Closure Envoy

The Falcon's View

Mental meanderings of an infosec obsessive...

[0x1] Joining Gartner

[0x2] 3 Quick Updates

[0x3] Arguing Against the Absurd is Easy, But Not Helpful

[0x4] Thoughts On RSA US 2013...

[0x5] RSA 2013: Interview with Gen. Raduege (ret.)

[0x6] And so it begins...

[0x7] We Don't Need More Frameworks or "Best Practices"

[0x8] Security Isn't Something You "Do"

[0x9] "The Phoenix Project" - A Must Read for 2013

[0xA] Science Friday: Perception Is a Powerful Thing

Techworld.com networking

Latest IT articles from Techworld's networking channel

[0x1] Canonical taps international mobile carriers for mobile advice

[0x2] US states' attorneys general to take aim at Internet 'safe harbor' law

[0x3] UK smart grid mass rollout moves a step closer

[0x4] Yahoo discloses user data requests from US law enforcement agencies

[0x5] Sprint sues Dish, Clearwire over takeover plan

[0x6] Instart Logic promises to beat Akamai at own game

[0x7] Obama directs agencies to move toward sharing spectrum

[0x8] CERN replaces proprietary video conferencing system with Vidyo

[0x9] New terms in Sprint contracts look toward WiMax shutdown

[0xA] New Cisco core router boasts 10X capacity of original

TraverseCode

Threat Research Blog

[0x1] Advantages of being a Reverse Engineer – Part 1

[0x2] Trojan Tinba – Another Financial Crimeware

[0x3] Analysis of *Document* Stealer Trojan Developed in Perl

[0x4] |From: PDF@Exploit| |To: Zeus@Trojan| |Subject: Steals Bank Credentials|

[0x5] Don’t press F1 key in Windows XP

[0x6] Traversing a ‘DLL’: Financial Crimeware (Banker)

[0x7] Orkut Phishing using Blogspot account

[0x8] Social Engineering – Fake TwitterIM Download

[0x9] Scam Mail targeting Indian users “Tax Refund Online Form”

[0xA] Chase Bank Phishing scam Mail

National Vulnerability Database

This feed contains the most recent CVE cyber vulnerabilities published within the National Vulnerability Database.

[0x1] CVE-2013-3744

[0x2] CVE-2013-3743

[0x3] CVE-2013-2473

[0x4] CVE-2013-2472

[0x5] CVE-2013-2471

[0x6] CVE-2013-2470

[0x7] CVE-2013-2469

[0x8] CVE-2013-2468

[0x9] CVE-2013-2467

[0xA] CVE-2013-2466

Help Net Security - News

Help Net Security - your homepage for all the information security news

[0x1] Employees biggest IT threat to businesses

[0x2] Facebook once again accessible via Tor

[0x3] (IN)SECURE Magazine issue 38 released

[0x4] Google asks secret court permission to publish FISA numbers

[0x5] Failed backups endanger revenue and productivity

[0x6] Oracle releases critical security updates for Java

[0x7] How to detect hidden administrator apps on Android

[0x8] CyanogenMod founder aims to thwart data-grabbing apps

[0x9] Bill aims to regulate email privacy in the cloud

[0xA] Businesses not fully implementing infosec programs

Techworld.com security

Latest IT articles from Techworld's security channel

[0x1] Bank of England ranks cyber attacks above Eurozone crisis as biggest threat

[0x2] Start-up tackles advanced persistent threats on Microsoft, Apple computers

[0x3] Jailed phishing gang targeted banks in 14 countries, police say

[0x4] Firms take 10 hours to spot data breaches, McAfee finds

[0x5] European trust in US compromised, says EU data protection head

[0x6] The NSA's Prism must be countered with public policy, says crypto guru Phil Zimmermann

[0x7] Does encryption really shield you from government's prying eyes?

[0x8] EU justice commissioner on Prism: EU citizens' rights are not negotiable

[0x9] Oracle to ship 40 security fixes for Java SE

[0xA] Spy-proof enterprise encryption is possible, but daunting

Bugtraq

The premier general security mailing list. Vulnerabilities are often announced here first, so check frequently!

[0x1] [SECURITY] [DSA 2628-2] nss-pam-ldapd update

[0x2] [SECURITY] [DSA 2698-1] tiff security update

[0x3] APPLE-SA-2013-06-18-1 Java for OS X 2013-004 and Mac OS X v10.6 Update 16

[0x4] Re: Apple and Wifi Hotspot Credentials Management Vulnerability

[0x5] Apple and Wifi Hotspot Credentials Management Vulnerability

[0x6] [SECURITY] [DSA 2710-1] xml-security-c security update

[0x7] FreeBSD Security Advisory FreeBSD-SA-13:06.mmap

[0x8] Re: CVE-2013-2156: Apache Santuario C++ heap overflow vulnerability

[0x9] CVE-2013-2154: Apache Santuario C++ stack overflow vulnerability

[0xA] CVE-2013-2155: Apache Santuario C++ denial of service vulnerability

XSSed syndication

You are welcome to syndicate and share xssed.com contents

[0x1] Exploitation of Self-Only Cross-Site Scripting in Google Code

[0x2] The Beginners Guide to XSS

[0x3] Blog: Reducing XSS by way of Automatic Context-Aware Escaping in Template Systems

[0x4] Browser Hijacking Techniques 2009

[0x5] WordPress.com permanent XSS vulnerability

[0x6] How to write a XSS (cross site scripting) worm for McCodes sites

[0x7] Open redirect vulnerabilities: definition and prevention

[0x8] Paper: Smashing the Web for fun & profit using XSS

[0x9] Paper: Defending against XSS with .NET

[0xA] Paper: Carnival, or how to camouflage data for XSS filters

CSOONLINE.com - Global Security

[0x1] Wall Street sets example for testing security defenses

[0x2] Women leaders in security recognized

[0x3] Next-wave malware aims for mayhem, not money

[0x4] Telecom seeks critical infrastructure status for IT vendors

[0x5] Hot security skills of 2013

[0x6] EU Parliament makes more than 900 changes to data privacy law

[0x7] Privacy compliance laws: Why the European Commission has finally got it right

[0x8] Revolutionary evolution: The Internet of things and things to come

[0x9] Working the kinks out of your supply chain

[0xA] FBI cybersecurity shift draws skepticism from experts

Reuters: Top News

Reuters.com is your source for breaking news, business, financial and investing news, including personal finance and stocks. Reuters is the leading global provider of news, financial information and technology solutions to the world's media, financial institutions, businesses and individuals.

[0x1] Somali Islamist rebels attack U.N. compound in Mogadishu

[0x2] Afghan government to shun U.S. talks with Taliban

[0x3] Suicide bomber embraces and kills Sunni politician in Iraq

[0x4] Afghans must talk to each other for peace, Obama says

[0x5] World Bank watching Fed, ready to respond

[0x6] Rohani once approved of hiding Iran atomic work

[0x7] Internet monitoring must have proper limits, Merkel tells Obama

[0x8] Dozens held in Turkey, silent protester goes viral

[0x9] Obama to set nuclear arms cut goal in Berlin speech

[0xA] Fed seen keeping options open on pace of bond buying

The Web Application Security Consortium / FrontPage

The Web Application Security Consortium (WASC) is an international group of experts, industry practitioners, and organizational representatives who produce open source and widely agreed upon best-practice security standards for the World Wide Web.

[0x1] Robert Auger edited FrontPage

[0x2] Robert Auger edited FrontPage

[0x3] Robert Auger edited FrontPage

[0x4] Robert Auger edited FrontPage

[0x5] Robert Auger edited FrontPage

[0x6] Robert Auger edited FrontPage

[0x7] Robert Auger edited FrontPage

[0x8] Robert Auger edited FrontPage

[0x9] Robert Auger edited FrontPage

[0xA] Robert Auger edited FrontPage

CSOONLINE.com - Business Continuity

[0x1] ERM: The basics

[0x2] Integrating business continuity management with IT risk management

[0x3] A taxonomy for the National Cybersecurity Doctrine

[0x4] 3 MORE tabletop exercises for business continuity

[0x5] Drilling for disaster at LAX

[0x6] 4 tech trends in IT disaster recovery

[0x7] Disaster recovery is a success just waiting to happen

[0x8] How to start a business continuity program

[0x9] 4 critical trends in IT business continuity

[0xA] A clear-eyed look at APT

Security forum - dslreports.com community

Security forum current topics

[0x1] Microsoft Security Bulletin Minor Revisions - June 18, 2013

[0x2] backdoor in processors?

[0x3] Yahoo to Users: Let Us Read Your Emails or -- Goodbye!

[0x4] John McAfee - How To Uninstall McAfee Antivirus - wtf? 2013

[0x5] Paranoid about hacked email, Yahoo, Paypal or Ebay = no help

[0x6] Wary of tracking, users flock to DuckDuckGo

[0x7] Logging capabilities of consumer/SOHO grade routers

[0x8] Java SE Version 7 Update 25 Released

[0x9] Behold the 5 stages of living in a national surveillance st.

[0xA] Driver License number

CGISecurity - Website and Application Security News

All things related to website, database, SDL, and application security since 2000.

[0x1] WASC Announcement: Static Analysis Technologies Evaluation Criteria Published

[0x2] Poll: How do you rank the importance of a vulnerability?

[0x3] Five pieces of advice for those new to the infosec industry

[0x4] Security Industry Plagiarism: Finding 3 examples in 5 minutes with Google

[0x5] Quick defcon/blackhat preparation list

[0x6] Summary of Google+ browser security protections

[0x7] Paper: Web Application finger printing Methods/Techniques and Prevention

[0x8] Oracle website vulnerable to SQL Injection

[0x9] WASC Announcement: 'Static Analysis Tool Evaluation Criteria' Call For Participants

[0xA] Results of internet SSL usage published by SSL Labs

Linux Journal - The Original Magazine of the Linux Community

Since 1994: The Original Monthly Magazine of the Linux Community

[0x1] Non-Linux FOSS: libnotify, OS X Style

[0x2] Containers—Not Virtual Machines—Are the Future Cloud

[0x3] Lock-Free Multi-Producer Multi-Consumer Queue on Ring Buffer

[0x4] Weechat, Irssi's Little Brother

[0x5] One Tail Just Isn't Enough

[0x6] Introduction to MapReduce with Hadoop on Linux

[0x7] Android's Limits

[0x8] June 2013 Issue of Linux Journal: Android

[0x9] IPv6

[0xA] Add More Fruit to Your Raspberry Pi!

Command Line Kung Fu

This blog will include fun, useful, interesting, security related, non-security related, tips, and tricks associated with the command line. It will include OS X, Linux, and even Windows!

[0x1] Episode #167: Big MAC

[0x2] Episode #166: Ping A Little Log For Me

[0x3] An AWK-ward Response

[0x4] AWK-ward!

[0x5] Episode #165: What's the Frequency Kenneth?

[0x6] Episode #164: Exfiltration Nation

[0x7] Episode #163: Pilgrim's Progress

[0x8] Episode #162: Et Tu Bruteforce

[0x9] Episode #161: Cleaning up the Joint

[0xA] Episode #160: Plotting to Take Over the World

Verizon Center - News

Keep up with the latest news surrounding Verizon Center. Managed and owned by Monumental Sports & Entertainment, Verizon Center is home to the NBA’s Washington Wizards, the WNBA’s Washington Mystics, the NHL’s Washington Capitals, and the Georgetown Hoyas Men’s Basketball teams. Located in the heart of Chinatown above the Gallery-Place Chinatown Metro stop, Verizon Center is only a few steps away from the White House and hosts more than 220 events and concerts each year.

[0x1] Andrea Bocelli U.S. Tour Kicks-Off Next Month - Dec 2 Show at Verizon Center

[0x2] Roger Waters "The Wall" Returns to North America in 2012 - Includes July 12 Show at Verizon Center

[0x3] Remarkable Rookie Class Highlights Harlem Globetrotters Arrival Into DC and Fairfax March 24-25

[0x4] 17th Annual BB&T Classic - Dec 4 at Verizon Center

[0x5] Hard Times Cafe Brings Local Fare to Verizon Center

[0x6] Monumental Report to Serve as Hyper-Local Online Community Platform

[0x7] KMART presents WWE Holiday Tour Dec 29

[0x8] Verizon Center Debuts Mobile App

[0x9] Cirque du Soleil - Quidam - Nov 16 through 20

[0xA] JAY-Z and Kanye West: Watch the Throne Tour Nov 3

FaberBrent Security Blog

Security risk resilience TSCM debugging security news corporate espionage counter surveillance covert investigations counter terrorism ITSEC Bug sweeping

[0x1] The birth of the mobile phone and PCI payment

[0x2] Nearly half of Brits use the same password for all accounts

[0x3] $27 billion lawsuit could fold due to $50 covert surveillance device

[0x4] Shocking - The DWP do not keep records of how many times your data has been abused

[0x5] Met Police report shows CCTV costs £20,000 per single conviction - how many would an extra officer get per year?

[0x6] Charity offices bugged

[0x7] Mobile-phone handset complexity - the criminals friend.

[0x8] The security lessons from Britian's largest jewellery robbery

[0x9] Labour MP and Dutch VIP's suffer website data leaks found by a Google search

[0xA] Black-hatter shows how to utilise memory in Apple keyboard to create a hardware key-logger

Social-Engineer.Org » Blog

Security Through Education

[0x1] The Onion Gets Hacked

[0x2] Who is the Deadliest Social Engineer? Defcon 21 SECTF

[0x3] The Secret To Chinese Hackers Success

[0x4] Real Life and the Application of Social Engineering Part VI

[0x5] “High Profile” Xbox Live Accounts Hacked

[0x6] Holy Fakery! Social Engineering The Vatican

[0x7] Dumpster Diving in Georgia

[0x8] The Beat of Social Media Engineering

[0x9] A Good Lesson on Reading Nonverbals with David Kennedy

[0xA] Real Life and the Application of Social Engineering Part IV

dropsafe

network security, digital rights and bicycles

[0x1] Wanna bet that CESG was using Man-in-the-Middle SSL with a fake cert/CA?

[0x2] Is it “Identity Theft” when people simply lie?

[0x3] Seems to be a new PDF (malware?) spam doing the rounds: “Gmail Verification Alerts”

[0x4] Mark Zuckerberg “Likes” Something That’s Awesome: Baby Foxes # FB Foxes make Gawker headlines

[0x5] This story confuses me; are Google soon to to drop XMPP (and/or GTalk) entirely?

[0x6] Hackers prepare for first “national holiday” in their honor – Boing Boing

[0x7] The Daily Beast as seen by Ghostery

[0x8] …aaaaaand I’m back.

[0x9] STOOPIDTALL – CICLAVIA 2013 – LA BIKE CULT on Vimeo #MUSTWATCH

[0xA] MUST READ: What’s wrong with “Good, clean wi-fi”?

CSOONLINE.com - Data Protection

[0x1] Google asks to make surveillance orders public, citing First Amendment

[0x2] U.S. officials: Surveillance helped stop 50 terrorist plots

[0x3] How to evaluate the risk of outsourcing locations

[0x4] Prism doesn't have CIOs in a panic -- yet

[0x5] Most Data Breaches Caused by Human Error, System Glitches

[0x6] Why we can't stop malicious insiders

[0x7] NSA can access data without court approval, Snowden says

[0x8] UK spy agency reportedly intercepted email of delegates at G20 meetings in 2009

[0x9] Apple received thousands of data requests from US law enforcers

[0xA] Rising SSL traffic to degrade firewall performance

Tactical Web Application Security

Tac-ti-cal: of or relating to combat tactics: of or occurring at the battlefront <a tactical defense>

[0x1] My New Book: The Web Application Defender's Cookbook

[0x2] Mass Joomla Component LFI Attacks Identified

[0x3] What Web Application Security Monitoring Can Learn From Casino Surveillance

[0x4] WASC WHID Semi-Annual Report for 2010

[0x5] Moving to the Trustwave SpiderLabs Research Team

[0x6] Spammers using Twitter's Update Status API

[0x7] Back to the Future - Economies of Scale Techniques from 2008 Still in Use Today

[0x8] Zone-H Defacement Statistics Report for Q1 2010

[0x9] BSIMM2 and WAFs

[0xA] Botnet Herders Targeting Web Servers

GLOBAL SECURITY ADVISOR RESEARCH BLOG

[0x1] Win32/DomaIQ - An annoying bundled adware.

[0x2] Chrome Bug: Smile, you are photographed!

[0x3] Time to disable Java from your browser?

[0x4] How much our network information is really safe?

[0x5] How much evil can be swallowed?

[0x6] New worm infects removable drives.

[0x7] Got Charger?

[0x8] The Woolwich Murder: Hackers vs. Extremists

[0x9] Infected Message from Skype.

[0xA] Worm Win32/VBDoc - Evolution

Security Career/Staffing

[0x1] 5 questions with Alissa Torres, SANS Instructor and Incident Handler at Mandiant

[0x2] Ten tweets with David Litchfield

[0x3] 5 questions with former DuPont CISO Larry Brock

[0x4] Times may change, but the CSO's song remains the same

[0x5] The security certification debate continues

[0x6] Leaked Mitch McConnell/Ashley Judd recording highlights potential for insider threat

[0x7] Is there a disconnect between demand for security jobs and certifications?

[0x8] Payments company tabs Maloney as CISO

[0x9] How to be a confident infosec pro

[0xA] (ISC)2 report says security departments are understaffed

Palisade Magazine : Application Security Intelligence

A publication by Paladion Networks

[0x1] Quiz: Specifying life time for a webpage

[0x2] SAP Baseline Security Audit

[0x3] Defeating Encryption in Some Thick Clients

[0x4] Database Links Security

[0x5] Quiz: Proposal to amend Same Origin Policy

[0x6] Cache Control Directives Demystified

[0x7] The Payment Application Data Security Standard (PA DSS)

[0x8] Defend against Reverse Engineering

[0x9] Quiz: Cross Site Printing

[0xA] CSRF - The hidden menace

Aladdin Knowledge Systems Latest eToken Press Releases

Aladdin Knowledge Systems Latest eToken Press Releases - RSS Feed

[0x1] Ontario's York Regional Police Meet Canadian Government Regulations with Aladdin eToken

[0x2] Russian Bank Secures Online Banking with Aladdin Authentication

[0x3] Aladdin eToken Solidifies Its Position in Government Sector on Carahsoft GSA Schedule

[0x4] Aladdin eToken and Aladdin SafeWord are Verified as Citrix Ready

[0x5] Aladdin and Wyse Partner to Secure Virtual Desktops

[0x6] Korea's Largest Bank Deploys 5,000 Aladdin eToken Authentication Devices

[0x7] Aladdin Secures Transactions for China's Largest Online Financial Information and Services Provider

[0x8] Aladdin eToken Debuts New Generation of Strong Authentication Solutions

[0x9] Toronto-Area Police Secure Data and Meet CPIC Regulations with Aladdin eToken

[0xA] Secure Computing Named Reader Trust Finalist in SC Magazine Award Program and Best of 2006 in Three Categories

IT.com.mk

[0x1] Кина со „Млечниот пат 2“ се врати на врвот на листата на суперкомпјутери

[0x2] Видео пораките преку Skype сега се достапни и за декстоп верзиите

[0x3] Џиновските 90 инчни телевизори на Sharp пристигнаа во Европа

[0x4] Хакнат iPad iOS7 симулатор го откри изгледот на мапите, Safari и гејминг центарот

[0x5] Со надоградбата на Creative Cloud, Adobe става крај на Creative Suite пакетите

[0x6] Обама застана во одбрана на програмите за шпионирање

[0x7] Апликација на денот: Следете си ги дневните трошоци со словенскиот стартап Тoshl Finance

[0x8] Првиот европски гејминг акселератор, Gamefounders, бара нови стартапи

[0x9] Google сака да ја забрани детската порнографија на Интернет

[0xA] Британците ги прислушувале странските дипломати на лондонскиот G20 самит во 2009 година

Techworld Blogs

Aggregate feed of all active Techworld Blogs

[0x1] Are ESTA visa scams really dead? Not yet

[0x2] Migrating to a data centre part 2: What to do with your old infrastructure?

[0x3] God Save the Internet

[0x4] Knight Rider is becoming a reality

[0x5] The 3D Industrial revolution

[0x6] Defining what it means to be hybrid cloud

[0x7] Ethernet is 40 - from Alohanet to Terabit and beyond

[0x8] Flexible working for all: breaking down the corporate class system

[0x9] WebRTC: Telecom's Demise or its Saviour?

[0xA] IBM gives tech entrepreneurs a leg-up

Security Intelligence and Big Data | raffy.ch - blog

Big data analytics and visualization

[0x1] Advanced Network Graph Visualization with AfterGlow

[0x2] Visualizing Packet Captures For Fun and Profit

[0x3] Big Data Security Intelligence – nothing to see here – move along

[0x4] The Steps To a Mature Visual Analytics Practice

[0x5] Cyber Security Visualization – Grand Challenge

[0x6] Learning About Log Analysis and Visualization in Taipei

[0x7] Logging Guidelines Enable Actions

[0x8] Why a Cloud Logging Standard Doesn’t Make Any Sense

[0x9] Mid January Roundup

[0xA] links for 2011-01-07

TechRadar: Internet news

TechRadar UK latest feeds

[0x1] Gartner says cloud to account for third of office systems

[0x2] Microsoft drops linked accounts on Outlook.com

[0x3] Dell Software sets sights on BYOD and cloud

[0x4] How to buy and implement a hybrid cloud

[0x5] Bitcoin success will lead to even cheaper online prices: Millennius

[0x6] Updated: Instagram video to launch at Facebook's June 20 event?

[0x7] Adobe launches new features on Creative Cloud

[0x8] Research links IT confidence to SMB strategies

[0x9] Yahoo provides numbers to prove Prism innocence

[0xA] Digg Reader launching next week

Evilcodecave's Weblog

Just another RCE Weblog

[0x1] Definitively Moved to Blogspot

[0x2] Fast Overview of SpyEye

[0x3] Rootkit Agent.adah Anatomy and Executables Carving via Cryptoanalytical Approach

[0x4] PHP/Spy.Bull Cryptanalysis of Encryption used and Threat Analysis

[0x5] Siberia ExploitPack and PDF Exploit Analysis

[0x6] DNAScan Malicious Network Activity Reverse Engineering

[0x7] Avast aswRdr.sys Kernel Pool Corruption and Local Privilege Escalation

[0x8] PHPSpyScanBot Analysis

[0x9] [Crimeware] Researches Reversing about Eleonore Exploit Pack

[0xA] [Crimeware] Researches and Reversing about Eleonore Exploit Pack

ITWeb News Feed

Latest ICT news

[0x1] Apple stock breaks $300 for first time

[0x2] Sony delays Gran Turismo release

[0x3] MS deepens Facebook ties

[0x4] Media firms approached on Yahoo sale

[0x5] Doing more with less

[0x6] Bytes People Solutions honoured

[0x7] Virtualisation benefits SME market

[0x8] MCI adapts Adapt on Demand

[0x9] Intel reports $11bn revenue quarter

[0xA] Konica Minolta SA offers green toner

Check Point Update Services Advisories

You are viewing a feed that contains frequently updated content. When you subscribe to a feed, it is added to the Common Feed List. Updated information from the feed is automatically downloaded to your computer and can be viewed in Internet Explorer and other programs.

[0x1] Internet Explorer CTreeNode Memory Corruption (MS13-047; CVE-2013-3142)

[0x2] Preemptive Protection against Microsoft Windows TCP/IP Driver Denial of Service (MS13-049; CVE-2013-3138)

[0x3] Internet Explorer Process Memory Corruption (MS13-047; CVE-2013-3114)

[0x4] Internet Explorer Node Objects Use After Free (MS13-047; CVE-2013-3116)

[0x5] Internet Explorer Malformed Tag Memory Corruption (MS13-047; CVE-2013-3123)

[0x6] Internet Explorer Object Use After Free Arbitrary Code Execution (MS13-047; CVE-2013-3110)

[0x7] Microsoft Windows Print Spooler Elevation of Privilege (MS13-050; CVE-2013-1339)

[0x8] Microsoft Internet Explorer HTML Use After Free Memory Corruption (MS13-047; CVE-2013-3139)

[0x9] Microsoft Internet Explorer Multiple Dom Objects Memory Corruption (MS13-047; CVE-2013-3124)

[0xA] Microsoft Internet Explorer Corrupted HTML Code Execution (MS13-047; CVE-2013-3122)

Help Net Security - Vulnerabilities

Help Net Security - your homepage for all the information security news

[0x1] Oracle WebCenter Content CheckOutAndOpen.dll ActiveX Remote Code Execution

[0x2] Microsoft Internet Explorer textNode Use-After-Free

[0x3] IBM SPSS SamplePower C1Tab ActiveX Heap Overflow

[0x4] Nginx HTTP Server 1.3.9-1.4.0 Chuncked Encoding Stack Buffer Overflow

[0x5] Mitsubishi MX Component "ActUWzd.dll" ActiveX Control Heap Buffer Overflow Vulnerability

[0x6] Adobe ColdFusion Information Disclosure Vulnerability (APSB13-13)

[0x7] Oracle Java SE JVM 2D Subcomponent Remote Code Execution Vulnerability (Oracle Security Alert for CVE-2013-1493)

[0x8] phpMyAdmin preg_replace() Input Validation Error Script Execution Vulnerability

[0x9] Microsoft Internet Explorer 8 Use-After-Free Memory Corruption Vulnerability

[0xA] Java Applet Reflection Type Confusion Remote Code Execution

CSOONLINE.com - Investigations/Forensics

[0x1] Big Data Investigations: Opportunity and Risk

[0x2] Defense contractor under cyberattack for three years

[0x3] Dutch bill seeks to give law enforcement hacking powers

[0x4] Wake up! Boston bombings a call for renewed citizen vigilance

[0x5] Boston bombings was not about failed intelligence

[0x6] One in five data breaches are the result of cyberespionage, Verizon says

[0x7] Harvard e-mail probe sparks privacy concerns

[0x8] New breed of organized criminals aided by Internet, says Europol

[0x9] Increased spy access to Americans' banking data raises privacy concerns

[0xA] HP offering data-breach response and remediation services

contagio

malware dump

[0x1] DeepEnd Research: Under this rock... Vulnerable Wordpress/Joomla sites... Overview of the RFI botnet malware arsenal

[0x2] Collection of Pcap files from malware analysis

[0x3] DeepEnd Research - Library of Malware Traffic Patterns

[0x4] An Overview of Exploit Packs (Update 19.1) April 2013

[0x5] CVE-2013-0640 samples listing

[0x6] CVE-2013-0804 Novell GroupWise 2012 Multiple Untrusted Pointer Dereferences Exploitation by Brian Mariani & Frédéric Bourla

[0x7] 16,800 clean and 11,960 malicious files for signature testing and research.

[0x8] DarkSeoul - Jokra - MBR wiper samples

[0x9] Mandiant APT1 samples categorized by malware families

[0xA] Linux/CentOS SSHd Spam Exploit — libkeyutils.so.1.9 - sample

Technibble

Helping Computer Technicians Become Computer Business Owners

[0x1] Call That Girl’s 3 eBook Sale ENDS TOMORROW

[0x2] Call That Girl’s 3 eBook Sale – Remote Support, Social Media, Manual of Operations

[0x3] LastActivityView – Create a Log of The Last Actions Made by the User

[0x4] Instant Housecall and D7 Team Up To Create: Remote D7

[0x5] Windows Home Server Review

[0x6] Starting Out on Your Own as a Computer Technician

[0x7] Boost Referral Business by Encouraging Your Clients to Talk About You

[0x8] SEO Tips for Your Technician Website in 2013

[0x9] Introducing the Technibble Podcast

[0xA] Encouraging Your Clients to Use an Experienced Computer Technician

US-CERT Tips

US-CERT Tips describe and offer advice about common security issues for non-technical computer users. Tips are restricted to a single topic, although complex issues may span multiple tips. Each tip builds upon the knowledge, both terminology and content, of those published prior to it.

[0x1] ST06-006: Understanding Hidden Threats: Corrupted Software Files

[0x2] ST06-001: Understanding Hidden Threats: Rootkits and Botnets

[0x3] ST10-001: Recognizing Fake Antiviruses

[0x4] ST06-004: Avoiding the Pitfalls of Online Trading

[0x5] ST04-014: Avoiding Social Engineering and Phishing Attacks

[0x6] ST06-005: Dealing with Cyberbullies

[0x7] ST04-009: Identifying Hoaxes and Urban Legends

[0x8] ST05-019: Preventing and Responding to Identity Theft

[0x9] ST04-016: Recognizing and Avoiding Spyware

[0xA] ST05-006: Recovering from Viruses, Worms, and Trojan Horses

Aladdin Knowledge Systems Latest Press Releases

Aladdin Knowledge Systems Latest Press Releases - RSS Feed

[0x1] Ontario's York Regional Police Meet Canadian Government Regulations with Aladdin eToken

[0x2] Software Piracy in a Recession - Getting Kicked When You Are Down

[0x3] China's Largest CAD/CAM Software Developer Selects Aladdin HASP SRM

[0x4] HASP SRM v 3.60 Provides Automatic File Wrapping for Windows x64 Applications

[0x5] Aladdin Knowledge Systems to Hold Extraordinary General Meeting of Shareholders on February 20, 2009

[0x6] Blog: When good blogs go bad. Or, What is cool about promoting software piracy?

[0x7] Aladdin Announces HASP SRM SaaS Pass

[0x8] Aladdin Knowledge Systems Enters Into Merger Agreement with Vector Capital Affiliate

[0x9] Aladdin Knowledge Systems Comments on Media Reports about Jasmine Discussions

[0xA] Aladdin Named Finalist in 2009 SC Awards Program

PaulDotCom

[0x1] Creating Malicious Firmware with Firmware-Mod-Kit

[0x2] EPISODE 336 WITH GUEST PETE LINDSTROM & TECH SEGMENT WITH BRO IDS'S LIAM & SETH THURSDAY 6PM ET

[0x3] Breaking News!

[0x4] EPISODE 335 WITH GUEST BILL STEARNS & TECH SEGMENT WITH PHIL HAGEN THURSDAY 6PM ET

[0x5] Hack Naked TV Episode 56

[0x6] EPISODE 334 WITH GUEST ANDY ELLIS & TECH SEGMENT WITH GREG HETRICK THURSDAY 6PM ET

[0x7] Interview with Chris Truncer - Episode 333

[0x8] Interview with Gunnar Peterson - Episode 333

[0x9] SSH over Stunnel for IDS evasion

[0xA] EPISODE 333 WITH GUEST GUNNAR PETERSON & TECH SEGMENT WITH CHRIS TRUNCER THURSDAY 6PM ET

Outscribe

All The Tech That Matters...

[0x1] Binatone iHomePhone 2 Is An Android Landline Phone No One Should Own

[0x2] Smart Battery Charger

[0x3] 128 MB Is Gigantic File Size For Microsoft

[0x4] Happy New Year 2011

[0x5] Android Infographic

[0x6] The Android Privacy Fuss

[0x7] The 47 Top Apps On My Android Phone

[0x8] [Updated] Yes, Google Is Testing Android Paid Apps In India

[0x9] Successful Migration of My Blog to WordPress

[0xA] Blog Under Maintenance – Update

XSSed syndication

You are welcome to syndicate and share xssed.com contents

[0x1] Diigo Toolbar - Global XSS and Information Leakage in SSL URLs

[0x2] Dot Net Nuke (DNN) XSS Vulnerability

[0x3] Sun Java Server Faces Input Handling Cross-Site Scripting

[0x4] ManageEngine ServiceDesk Plus Cross-Site Scripting Vulnerability

[0x5] Savvy Content Manager "searchterms" Cross-Site Scripting

[0x6] Alkacon OpenCms "filePath" Cross-Site Scripting and File Disclosure

[0x7] IBM Lotus QuickPlace Cross-Site Scripting Vulnerability

[0x8] BosClassifieds Classified Ads System "returnTo" Cross-Site Scripting

[0x9] Zimbra Collaboration Suite Script Insertion Vulnerability

[0xA] WebCT Mail/Discussion Board Message Script Insertion

CSOONLINE.com - Disaster Recovery

[0x1] Hackers could be fair game for deadly force, cyberwar experts say

[0x2] Lessons from Sandy: Clarity in the eye of a cyberstorm

[0x3] Business Continuity and Disaster Recovery Planning: The Basics

[0x4] 3 MORE tabletop exercises for business continuity

[0x5] Drilling for disaster at LAX

[0x6] 4 tech trends in IT disaster recovery

[0x7] How to start a business continuity program

[0x8] Severe space weather: How big a threat?

[0x9] Does my company need business continuity software?

[0xA] Cloud and disaster recovery: Load-balanced data centers are not a perfect solution

GlobalSecurity.org

Reliable Security Information from GlobalSecurity.org.

[0x1] G-8 Leaders Communique

[0x2] Department of Defense Press Briefing with Gen. Dunford from the Pentagon Briefing Room

[0x3] Background Briefing by Senior Administration Officials on Afghanistan - Via Conference Call

[0x4] Opening remarks by NATO Secretary General Anders Fogh Rasmussen at the joint press point with President Karzai of Afghanistan

[0x5] Statement by Secretary of Defense Chuck Hagel on Milestone 2013 in Afghanistan

[0x6] NATO Secretary General in Kabul as Afghan security forces take lead countrywide

[0x7] Military healthcare starts transitioning to Afghan control

[0x8] Transition Opens New Opportunities in Afghanistan, Region

[0x9] Afghan Forces Take Security Lead for Entire Nation

[0xA] Afghans take security lead across Afghanistan

Dana Epp's ramblings at the Sanctuary

Life, the Universe and everything Security

[0x1] Announcing Elevation of Privilege: The Threat Modeling Game

[0x2] Reflecting on our Windows 7 birthday party

[0x3] Time to party! Windows 7 is here!

[0x4] RunAs Radio podcasts you might want to listen to

[0x5] Coding Tip: Why you should always use well known SIDs over usernames for security groups

[0x6] Major Windows 7 gotcha you should know about that may block you from upgrading

[0x7] Microsoft SDL bans mempcy()... next it will be zeros!!!!

[0x8] Using TS RemoteApp as an attack vector

[0x9] Is Twittering safe?

[0xA] Come have Coffee and Code in Vancouver with me and Microsoft tomorrow

Data Protection

[0x1] Who Has Access to Your Cloud Data?

[0x2] Counter-Strike?

[0x3] Mandiant's APT1: Revisited

[0x4] Cloud Security - Expect Accelerate Deployments Due To Strong Moves By Providers To Improve Security

[0x5] Attacks from China: A survival guide

[0x6] WhiteHat Website Security Statistics Report

[0x7] Data Privacy Heat Map Shows Increasing Global Momentum Towards Data Protection Standards

[0x8] Savage Chickens on information security

[0x9] ThreatMetrix's cautionary infographic on using Starbucks wi-fi

[0xA] Finding Common Threads in Privacy and Information Security Laws.

Edible Apple

Apple News, Rumors, and Analysis

[0x1] Apple moves away from Foxconn, Pegatron steps up

[0x2] iWork is still alive and kickin’

[0x3] What is Siri grateful for?

[0x4] More reports that Apple iPhone 5S production will start this June/July

[0x5] Apple to release multiple new iPhone models this Summer, says Morgan Stanley

[0x6] Bill Gates says iPad users are frustrated because they don’t have Office

[0x7] Apple to release a number of low-cost iPhones – Rumor

[0x8] Why do dinosaurs look so much scarier than creatures today?

[0x9] iPad Mini 2 may be delayed until October due to Retina Display yield issues

[0xA] Apple looking to make big push into cars with iOS 7

Veracode in the News

Read the latest news about Veracode

[0x1] 06.12.2013 Fox Business News - Willis Report

[0x2] 06.10.2013 Information Security Magazine

[0x3] 06.10.2013 SC Magazine

[0x4] 06.11.2013 Boston Business Journal

[0x5] 06.11.2013 Help Net Security

[0x6] 06.10.2013 Wall Street Journal

[0x7] 06.10.2013 Information Security Magazine

[0x8] 06.02.2013 eWeek

[0x9] 05.31.2013 SC Magazine

[0xA] 05.31.2013 MobileWorld Live

SriniCenthala

Welcome ! You come to the right place for datawarehouse , Business Intelligence BI , Extraction Transformation and Loading ETL Process , Decision Support System (DSS) and OLTP System Design , Data Modeler , Data Architect who has extensive experience in building Very Large Systems. Project Management process PMI Process and PMP Certification. Provide help to any one who wants to know about PMO Office setup & also handling any IT Projects.

[0x1] 12th results of 2012 dashboard

[0x2] Workplace Bullying – Stop it from Crushing Morale - Webinar

[0x3] Power of Business data

[0x4] Wish You Happy New Year 2011 !

[0x5] Study in India: www.eduhelp.in

[0x6] Stay Agile & Succeed - Pairworks - Agile Project Management Tool On-Demand

[0x7] PureApp.com - Monitor & Control Continues Integration On-Demand

[0x8] "There are times brick hits your head!"..."Do not lose your faith on what you love to do!"

[0x9] Agile Project Management Tool - www.PairWorks.com

[0xA] Planning for "eServicePlace LinkedIn Application"

OVAL Repository Latest Updates

This feed provides information about the latest updates to the OVAL Repository, including new OVAL definitions; definitions that have changed status (e.g., from Draft to Interim or Interim to Accepted); and definitions that have been modified is posted here. Each update to the OVAL Repository will also update this feed. The OVAL Repository is updated as edits and additions are completed. It is possible for this feed to be updated several times per day, but updates rarely occure more often than once per day.

[0x1] Definition oval:org.mitre.oval:def:7158 has been added to the OVAL Repository.

[0x2] Definition oval:org.mitre.oval:def:16868 has been added to the OVAL Repository.

[0x3] Definition oval:org.mitre.oval:def:16864 has been added to the OVAL Repository.

[0x4] Definition oval:org.mitre.oval:def:16845 has been added to the OVAL Repository.

[0x5] Definition oval:org.mitre.oval:def:16838 has been added to the OVAL Repository.

[0x6] Definition oval:org.mitre.oval:def:16836 has been added to the OVAL Repository.

[0x7] Definition oval:org.mitre.oval:def:16831 has been added to the OVAL Repository.

[0x8] Definition oval:org.mitre.oval:def:16830 has been added to the OVAL Repository.

[0x9] Definition oval:org.mitre.oval:def:16799 has been added to the OVAL Repository.

[0xA] Definition oval:org.mitre.oval:def:16794 has been added to the OVAL Repository.

Abysssec Security Research

Security Researches , Advisories , Coding , Projects , Reversing , Exploitation , Fuzzing

[0x1] DOMSDAY Analyzing a DOM-Based XSS in Yahoo!

[0x2] Exploiting Admin Functionality in WordPress Using ClickJacking

[0x3] Exploiting CVE-2011-2140 another flash player vulnerability

[0x4] Microsoft Excel 2007 SP2 Buffer Overwrite Vulnerability BA / Exploit (MS11-021)

[0x5] bypassing all anti-virus in the world (Good Bye Detection , Hello Infection)

[0x6] Exploit for CVE-2011-0222 Safari SVG Vulnerability

[0x7] Analysis of CVE-2011-0041 vulnerability in GDI+

[0x8] DEP/ASLR bypass using 3rd party + Clarification

[0x9] Exploiting Adobe Flash Player on Windows 7

[0xA] Hacking / Exploiting / Cheating in Online Games

LinuxSecurity.com: Ubuntu Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Securing a Linux Web Server

[0x3] Ubuntu: 1883-1: Linux kernel (OMAP4) vulnerabilities

[0x4] Ubuntu: 1882-1: Linux kernel (OMAP4) vulnerabilities

[0x5] Ubuntu: 1881-1: Linux kernel vulnerabilities

[0x6] Ubuntu: 1880-1: Linux kernel (Quantal HWE) vulnerabilities

[0x7] Ubuntu: 1879-1: Linux kernel (OMAP4) vulnerabilities

[0x8] Ubuntu: 1876-1: Linux kernel vulnerabilities

[0x9] Ubuntu: 1877-1: Linux kernel (EC2) vulnerabilities

[0xA] Ubuntu: 1878-1: Linux kernel vulnerabilities

Dogbert's Blog

hardware hacking and other ramblings...

[0x1] Password Recovery for FSI Amilo Pi Laptops

[0x2] Conrado strikes again

[0x3] Dell 1D3B

[0x4] "Donate" Button

[0x5] Free Unlocker for Palm/HP Phones

[0x6] Shmuck of the Week: Alexis Toledo / novatec / biosremoval

[0x7] Roll Call - State of Electronics

[0x8] Shmuck of the Month: Sony

[0x9] Shmuck of the Month: Conrado Davila / laptoprebirth.com

[0xA] Yet Another BIOS Broken by Design: InsydeH20

Gizmo's Freeware: Top selections

The best freeware finds from Gizmo's Freeware (www.techsupportalert.com)

[0x1] Use This Powerful Microsoft Tool to Provide Better Security for Windows Programs

[0x2] Use This Powerful Microsoft Tool to Provide Better Security for Windows Programs

[0x3] Website of the Week

[0x4] Best Free Software for Linux and Mac OS X

[0x5] How to Get Collections of Free Icons

[0x6] Freeware Game of the Week (Get ready to Cry with Fear!)

[0x7] Find Out What Windows Drivers and Services are Doing with this Powerful Free Utility

[0x8] Finds of the Week

[0x9] Updated: Best Free Android Apps

[0xA] Internet Addresses, Protocols, and Ports Explained in Simple Terms

Trustwave SpiderLabs Blog

News and commentary about Internet-borne security threats from Trustwave.

[0x1] M86 Security Labs now part of Trustwave’s SpiderLabs

[0x2] The Cridex Trojan Targets 137 Financial Organizations in One Go

[0x3] Cutwail Drives Spike in Malicious HTML Attachment Spam

[0x4] M86 Security Threat Report for the Second Half of 2011 is Now Available

[0x5] MIDI Files – Mid-Way to Infection

[0x6] Massive Compromise of WordPress-based Sites but ‘Everything will be Fine’

[0x7] Zbot Trojan spreads through fake ConEdison billing notification email

[0x8] Web Hijacks with AJAX

[0x9] Prevalent Exploit Kits Updated with a New Java Exploit

[0xA] A new Adobe 0-day In the Wild – – But No Worries, You are Already Protected with Our Secure Web Gateway!

joatBlog

Miscellaneous stuff

[0x1] Setting up ddclient on the Raspberry Pi

[0x2] Running misc. stuff on the GoFlex

[0x3] How to open the PogoPlug (v4) case

[0x4] Running Openfire on the RPi

[0x5] Invasion of the Pedants

[0x6] WeMo and Linux

[0x7] Broken feed

[0x8] Monitoring the RPi's temp

[0x9] Auto-update not necessarily good

[0xA] Getting myself in trouble

SANS Internet Storm Center, InfoCON: green

[0x1] Infocon: green

[0x2] ISC StormCast for Wednesday, June 19th 2013 http://isc.sans.edu/podcastdetail.html?id=3377, (Wed, Jun 19th)

[0x3] WinLink Check-In, (Wed, Jun 19th)

[0x4] Volatility rules...any questions?, (Tue, Jun 18th)

[0x5] Java 7 update 25 released http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html, (Tue, Jun 18th)

[0x6] EMET 4.0 is now available for download, (Tue, Jun 18th)

[0x7] ISC StormCast for Tuesday, June 18th 2013 http://isc.sans.edu/podcastdetail.html?id=3374, (Tue, Jun 18th)

[0x8] Oracle Java pre-announcement: Upcoming JRE patch will plug 37 remotely exploitable holes. See http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html, (Mon, Jun 17th)

[0x9] ISC StormCast for Monday, June 17th 2013 http://isc.sans.edu/podcastdetail.html?id=3371, (Mon, Jun 17th)

[0xA] SANSFIRE 2013, (Mon, Jun 17th)

Securelist / Alerts

[0x1] Trojan-Ransom.Win32.Gpcode.ax

[0x2] Email-Worm.Win32.VBMania

[0x3] Net-Worm.Win32.Kido

[0x4] Virus.Win32.Gpcode.ak

[0x5] Email-Worm.Win32.Warezov.nf

[0x6] Email-Worm.Win32.Warezov.mx

[0x7] Email-Worm.Win32.Warezov.ms

[0x8] Email-Worm.Win32.Zhelatin

[0x9] Email-Worm.Win32.Zhelatin.u

[0xA] Email-Worm.Win32.Zhelatin.r

ThinkGeek - What's New

ThinkGeek's latest and greatest stuff for smart masses brought to you with love from the minions of the Zombie Monkey Army.

[0x1] T-Shirts & Apparel : Baby's First Geeky Clothing Gift Set

[0x2] T-Shirts & Apparel : Hot Air Balloon Pendant

[0x3] T-Shirts & Apparel : 'Brella Bot

[0x4] T-Shirts & Apparel : WWZ Helicopter

[0x5] T-Shirts & Apparel : Secrid Aluminum Cardprotector

[0x6] Caffeine & Edibles : Piglets Pecan and Bacon Snack

[0x7] Geek Kids : LEGO Lord of the Rings Battle at the Black Gate

[0x8] Gadgets : PowerPot Thermoelectric Generator

[0x9] Computer Stuff : UFO Robot Grendizer Flash Drive With Saucer Docking Station

[0xA] T-Shirts & Apparel : Flash Superhero Tee

Evil Routers

[0x1] When CCIEs Get Bored

[0x2] 99 Problems But A Switch Ain’t One

[0x3] Y U NO MONITOR DATACENTER TEMPERATURE!?

[0x4] Why Best Practices Are Important (or: How I Pwn’d The Shit Out Of My ISP)

[0x5] Cisco Nexus 3548 Switch: 190 nanosecond latency

[0x6] Beer, Bikes, Boats, Babes, and Blogging

[0x7] IPv6 – It’s Not An Option

[0x8] Cisco ASA: “read-only file system”

[0x9] How To Upgrade Cisco ASA Software And ASDM

[0xA] Wireless Field Day 2

StormSecurity

IT Security Research and Services

[0x1] Impressions from Hacktivity 2012

[0x2] Manual pentesting cheatsheet (Windows)

[0x3] My PhD Thesis

[0x4] From Windows thumbnails vulnerability to remote shell

[0x5] Red Teaming Usage for Assessing Information Security

[0x6] New version of ddosim – DDOS simulator

[0x7] Backward disassembler for ROP exploitation

[0x8] Guide For Designing Cyber Security Exercises

[0x9] GROUP_CONCAT() for Oracle blind SQL injection

[0xA] Check if your email account has been exposed!

[0x1] Building a Body of Knowledge for ICT Supply Chain Risk Management

[0x2] The Software Assurance Competency Model: A Roadmap to Enhance Individual Professional Capability

[0x3] Software Security Engineering: A Guide for Project Managers

[0x4] Measuring The Software Security Requirements Engineering Process

[0x5] Foundations for Software Assurance

[0x6] Infusing Software Assurance (SwA) into Introductory Computer Science Curricula

[0x7] The Development of a Graduate Curriculum for Software Assurance

[0x8] Getting Secure Software Assurance Knowledge into Conventional Practice

[0x9] Software Assurance Education Overview

[0xA] Defining the Discipline of Secure Software Assurance: Initial Findings from the National Software Assurance Repository

CSOONLINE.com - IT Audit

[0x1] Security and vulnerability assessment: 4 common mistakes

[0x2] How Colorado's CISO is revamping the state's information security -- on a $6,000 budget

[0x3] Mobile devices: The next eDiscovery wave?

[0x4] GRC: Trying to take the bite out of risk

[0x5] Protecting data with WORM drives

[0x6] Compliance isn't security, but companies still pretend it is, according to survey

[0x7] Law firms see big money in healthcare breach cases

[0x8] 12 tips for implementing GRC

[0x9] The in-depth guide to data destruction

[0xA] Nation's nuclear power watchdog comes up short on FISMA compliance

SecurityInfoWatch Forums - Discussions for the Security Professional

Security discussion forums on topics of security management, policies, guard services, loss prevention, homeland security, alarm systems, network video, security jobs

[0x1] Sesame Street muppet has dad in jail

[0x2] ZARC Vexor pepper spray?

[0x3] IPC Director of Security

[0x4] When Government can't be trusted

[0x5] Securitas Question

[0x6] The weekend never ends..

[0x7] Married to the Job

[0x8] SOCOM Wants Iron-Man Suits for the A Teams

[0x9] Checking returned OTC medicine for signs of Product tampering

[0xA] Arrested over 300 times...signs of the times

CSOONLINE.com - Supply Chain Security

[0x1] Working the kinks out of your supply chain

[0x2] 3 MORE tabletop exercises for business continuity

[0x3] How to start a business continuity program

[0x4] Smart grid (in)securities

[0x5] Global telecom gets a lesson in business continuity

[0x6] Opinion: COAC is a security risk for the U.S.

[0x7] Supply Chain Security Threats: 5 Game-Changing Forces

[0x8] SLIDESHOW: Chemical Safety Training

[0x9] Chemical Spill Response: How Dow is Training Small Town America to Handle Hazmat Emergencies

[0xA] Swine Flu: How to Make Biz Continuity Plans

Info Security News

Carries news items (generally from mainstream sources) that relate to security.

[0x1] IG: DHS Does Not Track Security Training of System Administrator Contractors

[0x2] Firms take 10 hours to spot data breaches, McAfee finds

[0x3] NSA leaker says audits on gov’t snooping d on’t work

[0x4] Cyberespionage Operators Work In Groups, Process Enormous Data Workloads

[0x5] Coming to Wall Street This Month: Quantum Dawn 2 -- Cyberwar!

[0x6] Army major guilty in data leak gets 10-year sentence

[0x7] Encrypted e-mail: How much annoyance will you tolerate to keep the NSA away?

[0x8] Anon posts Filipino president's phone numbers

[0x9] Data breach costs decline, malicious attacks increase in US

[0xA] Start-ups ride a cybersecurity wave into Israel

Search Engine Watch Discussion Forums

Search Engine Watch Forums

[0x1] Que pensez-vous de ce site de voyance gratuite ?

[0x2] Bemertkjj Zcdqx

[0x3] michael kors watches two tone kwk81

[0x4] michael kors si56

[0x5] You'll be able to feel the different while in the top quality

[0x6] gucci bags qh86

[0x7] Cease trying ! to simply call

[0x8] There is plenty of styles

[0x9] michael kors bags are made in vjy48

[0xA] pretty very clear since they can

eWEEK Security

News, reviews and commentary on technology security and data, application and network integrity, anti-virus and more.

[0x1] Is Network Solutions Snatching Domain Names?

[0x2] Reforming the DisGrace Period

[0x3] Critical TCP/IP Worm Hole Dings Windows Vista

[0x4] RSA Lays Off Security, Sales Staff

[0x5] Phishing at the Top Level

[0x6] Spam on the Run: Notorious Spammer on the Lam

[0x7] Microsoft: Critical Vista Patch Coming

[0x8] Code Testing Tools Could Be Acquisition Targets in '08

[0x9] More Bad Drivers on the Information Superhighway

[0xA] Passenger Hacks NYC Taxi Computer System

EH-Net Online Mag

Free Online Magazine for the Security Professional

[0x1] June 2013 Free Giveaway Sponsor – Black Hat USA

[0x2] April 2013 Free Giveaway Sponsor – eLearnSecurity

[0x3] Human Intel to Navigate the Security Data Deluge

[0x4] February 2013 Free Giveaway Winner of SANS CyberCon Training

[0x5] Interview: Bugcrowd Founders on Herding Ninjas for Crowdsourced Bug Bounties

[0x6] Network Forensics: The Tree in the Forest

[0x7] March 2013 Free Giveaway Sponsor – Mile2

[0x8] Book Review: Violent Python

[0x9] February 2013 Free Giveaway Sponsor – SANS CyberCon

[0xA] Holiday 2012 Free Giveaway Winner of Metasploit Pro by Rapid7

Feed: Debra Shinder Blog

Contains: 1 categories / 1155 items. Last Updated: 2013-06-18 18:31:55.693297+00:00 Average Rating: 5

[0x1] Oracle fixes 40 Java vulnerabilities today

[0x2] Flash vulnerability allows web cam/microphone spying

[0x3] It's Patch Tuesday again

[0x4] When Security Poses a Security Threat

[0x5] Will New HIPAA Rules Impact Your Organization?

[0x6] Hack Google and get paid (by Google)

[0x7] IT security job market update

[0x8] Continuous Monitoring: What does it mean?

[0x9] Former employee hacks company network

[0xA] Microsoft mobilizes Azure to fight botnets

LinuxSecurity.com: Mandriva Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Securing a Linux Web Server

[0x3] Mandriva: 2013:175: owncloud

[0x4] Mandriva: 2013:174: apache

[0x5] Mandriva: 2013:173: subversion

[0x6] Mandriva: 2013:172: wireshark

[0x7] Mandriva: 2013:171: gnutls

[0x8] Mandriva: 2013:170: socat

[0x9] Mandriva: 2013:169: socat

[0xA] Mandriva: 2013:168: python-httplib2

DEFCON Announcements!

DEFCON is the world's largest annual hacker convention, held every year in Las Vegas, Nevada. The first DEFCON took place in June 1993. DEF CON is renowned for the "arcane arts" of drinking, socializing, debugging, and crowd control. DEFCON is what you make of it, so get involved and help the community grow. This Feed will keep you up to date with some announcements surrounding pre and post con events, references to DEFCON in the news, and other errata. For the most up to date information visit or subscribe to the rss feeds on the forums (http://forum.defcon.org/) See http://www.defcon.org/ for more details, discussion forums, past speeches, and planning for the next year.

[0x1] DEF CON 20 CTF PCAPS Now Available!

[0x2] New DEF CON 21 Speakers Posted!

[0x3] New DEF CON Torrent Page!

[0x4] DEF CON in the News - Silent War

[0x5] DEF CON 20 Speaker and Slides Videos + Photos!

[0x6] More CTF Packets to Peruse!

[0x7] Live Transcription at DEF CON 21!

[0x8] DEF CON 21 CFP Has Closed! CTF Quals Around the Corner!

[0x9] CTF Packet Captures from DEF CON 17!

[0xA] DEF CON Forums For Contest & Event News

LWN.net comments

This feed contains the text of all comments posted to the LWN.net site.

[0x1] MySQL man pages silently relicensed away from GPL (MariaDB blog)

[0x2] MySQL man pages silently relicensed away from GPL (MariaDB blog)

[0x3] More behind the scenes changes...

[0x4] MySQL man pages silently relicensed away from GPL (MariaDB blog)

[0x5] LLVM 3.3 released

[0x6] MySQL man pages silently relicensed away from GPL (MariaDB blog)

[0x7] Precision licensing

[0x8] Dividing the Linux desktop

[0x9] Wayland explanations are STILL confusing and worrying users

[0xA] MySQL man pages silently relicensed away from GPL (MariaDB blog)

SecuriTeam

Welcome to the SecuriTeam RSS Feed - sponsored by Beyond Security. Know Your Vulnerabilities! Visit BeyondSecurity.com for your web site, network and code security audit and scanning needs.

[0x1] Adobe ColdFusion Unauthorized Administrator Console Access Issue Vulnerability

[0x2] avast! Antivirus for Android com.avast.android.mobilesecurity.app.scanner.DeleteFileActivity Crafted Intent Local DoS Vulnerability

[0x3] Cisco IOS XE on 1000 Series Aggregation Services Routers (ASR) Fragmented IPv6 Multicast Traffic Handling Remote DoS Vulnerability

[0x4] Cisco Prime Central for Hosted Collaboration Solution (HCS) IBM Tivoli Monitoring (ITM) Java Servlet Container XSS Vulnerability

[0x5] Cisco Unified Computing System Manager XML API Management Service Crafted Request Handling Remote DoS Vulnerability

[0x6] Conspiracies For Android (Good.digest.zagovory) Trojaned Distribution Vulnerability

[0x7] D-Link Multiple IP Cameras upnp/asf-mp4.asf Direct Request Live Video Stream Disclosure Vulnerability

[0x8] Events Manager Plugin for WordPress templates/forms/bookingform/booking-fields.php Multiple Parameter XSS Vulnerability

[0x9] Free Monthly Websites /admin/file_io.php Admin Password Manipulation Vulnerability

[0xA] Ganglia Graph_all_periods.php Multiple Parameter XSS Vulnerability

lkml.org

lkml.org - the realtime linux kernel mailinglist archive

[0x1] Re: [RFC PATCH v3 0/2] drivers: mfd: Versatile Express SPC support

[0x2] [PATCH 1/1] net: add dm9620 net usb driver

[0x3] Re: [PATCH v2 1/4] ARM: dts: omap4-panda: Add USB Host support

[0x4] Re: [PATCH 2/7] KVM: MMU: document clear_spte_count

[0x5] Re: [PATCH 7/7] KVM: MMU: document fast invalidate all mmio sptes

[0x6] Re: [PATCH 2/7] KVM: MMU: document clear_spte_count

[0x7] [PATCH] Documentation/cgroups/memory.txt: fix stat file documentation

[0x8] Re: [PATCH V5 1/3] pci: Add PCIe driver for Samsung Exynos

[0x9] Re: power-efficient scheduling design

[0xA] Re: [PATCH v2 1/4] ARM: dts: omap4-panda: Add USB Host support

Published Security Alerts

Published Security Alerts

[0x1] SQL Injection in SYS.KUPV$FT in Oracle 10g. Rel. 1

[0x2] SQL Injection in SYS.KUPV$FT_INT in Oracle 10g. Rel. 1

[0x3] Event 10053 logs TDE wallet password in cleartext

[0x4] Transparent Data Encryption stores key unencrypted in the SGA

[0x5] Cross-Site-Scripting in Oracle Workflow wf_route

[0x6] Cross-Site-Scripting in Oracle Workflow wf_monitor

[0x7] Shutdown listener via iSQL*Plus

[0x8] Shutdown listener via Forms Servlet

[0x9] Plaintext Passwords logged during Installation of Oracle HTMLDB

[0xA] Cross-Site-Scripting Vulnerabilities in Oracle HTMLDB

ZDI: Upcoming Advisories

Upcoming Advisories

[0x1] ZDI-CAN-1909: Microsoft

[0x2] ZDI-CAN-1908: Oracle

[0x3] ZDI-CAN-1907: Microsoft

[0x4] ZDI-CAN-1905: Hewlett-Packard

[0x5] ZDI-CAN-1895: Splunk

[0x6] ZDI-CAN-1894: Oracle

[0x7] ZDI-CAN-1893: Microsoft

[0x8] ZDI-CAN-1884: Kaspersky

[0x9] ZDI-CAN-1882: Microsoft

[0xA] ZDI-CAN-1877: Microsoft

Paranoia, Insecurity, and Overall Anxiety

I decided to create this blog to share information with those readers who are interested in some of the topics addressed. These topics will primarily be information security focused, but don't be surprised if I throw in a conspiracy theory or two from time to time.

[0x1] PA School Activates Spycam on Laptop

[0x2] Spyware for Your Blackberry

[0x3] Don't Forget Iron Man

[0x4] Pursuit Robots

[0x5] I Have Returned

[0x6] Ubiquitous Computing - I Don't Like IT!

[0x7] A Little Satire

[0x8] Bundled Facial Recognition Software on New Laptops

[0x9] I Have Been Slipping!

[0xA] Unleash the Cracken aka DARPA

XSSed syndication

You are welcome to syndicate and share xssed.com contents

[0x1] pastebin.mozilla.org XSS

[0x2] www.kcna.kp XSS

[0x3] www.athinorama.gr Redirect

[0x4] cms.paypal.com Phishing

[0x5] www.ebay.com Script Insertion

[0x6] www.ebay.com Script Insertion

[0x7] www.paid-to-promote.net XSS

[0x8] www.si-wifi.org XSS

[0x9] www.wattpad.com XSS

[0xA] www.mercadolivre.com.pt XSS

Exotic Liability

Exotic Liability

[0x1] Exotic Liability 87: Trigger

[0x2] Exotic Liability 86 - Christmas and then some...

[0x3] Exotic Liability 85: The boys are back in town

[0x4] Exotic Liability 84: FTW

[0x5] Exotic Liability 83: Oh yeah

[0x6] Exotic Liability 82 Holidays are Errata funz

[0x7] InfoSec Santa

[0x8] Exotic Liability 80: Unbreakable

[0x9] EL 79: ConGestion

[0xA] Episode 78: Con-dom

PenTester Scripting

[0x1] discovery:ssl_tests

[0x2] authors:jason_haddix

[0x3] discovery

[0x4] mapping

[0x5] mapping:nmap_open_port_stats - created

[0x6] exploitation

[0x7] exploitation:p0wnpr0xy - created

[0x8] mapping:userpass - created

[0x9] exploitation:sqlinjector - created

[0xA] exploitation:get_to_post - created

CSOONLINE.com - Wireless/Mobile Security

[0x1] Federal regulators address rising security risk to medical devices

[0x2] U.S. prosecutors propose kill switch to stop smartphone thefts

[0x3] SMS spam cruises for suckers

[0x4] Android Trojans spread by Bluetooth, hijack bank codes

[0x5] New Android Trojan app exploits previously unknown flaws, researchers say

[0x6] Verizon, others have no choice but to hand over customer data

[0x7] Report: Court order gives U.S. access to Verizon call info

[0x8] Mobile security incident costs, regional threat differences revealed

[0x9] Telenor hopes to encourage phone recycling by erasing data more securely

[0xA] Pentagon clearance for iOS could open even more doors for Apple in the private sector

PacketWars

Attack. Defend. Survive.

[0x1] PACKETWARS Boot Camp Annouced

[0x2] Packetwars on a boat in Germany

[0x3] SISMAT 2012

[0x4] 2012 Resolutions

[0x5] PacketWars Innagural Battle In Germany 2011

[0x6] Heading To The Heidelberg

[0x7] See the Action

[0x8] PacketWars Confirmed At Troopers11

[0x9] Online News: Help Net Security

[0xA] Day-Con IV Content Added to Flickr [THX FLO]

SANS Internet Storm Center, InfoCON: green

[0x1] ISC StormCast for Wednesday, June 19th 2013 http://isc.sans.edu/podcastdetail.html?id=3377, (Wed, Jun 19th)

[0x2] WinLink Check-In, (Wed, Jun 19th)

[0x3] Volatility rules...any questions?, (Tue, Jun 18th)

[0x4] Java 7 update 25 released http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html, (Tue, Jun 18th)

[0x5] EMET 4.0 is now available for download, (Tue, Jun 18th)

[0x6] ISC StormCast for Tuesday, June 18th 2013 http://isc.sans.edu/podcastdetail.html?id=3374, (Tue, Jun 18th)

[0x7] Oracle Java pre-announcement: Upcoming JRE patch will plug 37 remotely exploitable holes. See http://www.oracle.com/technetwork/topics/security/javacpujun2013-1899847.html, (Mon, Jun 17th)

[0x8] ISC StormCast for Monday, June 17th 2013 http://isc.sans.edu/podcastdetail.html?id=3371, (Mon, Jun 17th)

[0x9] SANSFIRE 2013, (Mon, Jun 17th)

[0xA] A scan is a scan is a scan, (Sun, Jun 16th)

AVG Top Threats

Latest security threats

[0x1] AVI 271.1.1/6422 - new threats

[0x2] AVI 271.1.1/6421 - new threats

[0x3] AVI 271.1.1/6420 - new threats

[0x4] AVI 271.1.1/6419 - new threats

[0x5] AVI 271.1.1/6418 - new threats

[0x6] AVI 271.1.1/6417 - new threats

[0x7] AVI 271.1.1/6415 - new threats

[0x8] AVI 271.1.1/6414 - new threats

[0x9] AVI 271.1.1/6413 - new threats

[0xA] AVI 271.1.1/6412 - new threats

LinuxSecurity.com: Slackware Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Securing a Linux Web Server

[0x3] Slackware: 2013-161-01: php: Security Update

[0x4] Slackware: 2013-140-01: kernel: Security Update

[0x5] Slackware: 2013-136-02: ruby: Security Update

[0x6] Slackware: 2013-135-01: mozilla-firefox: Security Update

[0x7] Slackware: 2013-135-02: mozilla-thunderbird: Security Update

[0x8] Slackware: 2013-109-01: xorg-server: Security Update

[0x9] Slackware: 2013-097-01: seamonkey: Security Update

[0xA] Slackware: 2013-095-01: subversion: Security Update

Free Information Technology Magazines and Downloads from bestsecuritytips.tradepub.com

Free publications about information technology and digital communication.

[0x1] Five Steps to a Private Cloud

[0x2] The Cloud - Inevitable, But Not Ubiquitous

[0x3] Cloud: It's all about the Service

[0x4] Five Myths of Cloud Computing

[0x5] IT Operations Managers Must Rethink Their Approach to Private Cloud

[0x6] Build a Cloud within a Day

[0x7] Five Important Keys To Choosing Your Business VoIP Vendor

[0x8] Forrester Research Report: The Future of Mobile Application Development

[0x9] The Essentials of Agile

[0xA] Keys to a Fast, Clean Close

News ≈ Packet Storm

Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers

[0x1] NSA Head / Lawmakers Defend Surveillance Programs

[0x2] Remote Code Execution Vulnerability Appears In Puppet

[0x3] US / Russia Ink Cybersecurity Partnership Deal

[0x4] Inkasso Trojaner Analysis Part 1

[0x5] Wall Street To Host A Simulated Cyber War

[0x6] SAP Users Slack, Slow And Backward On Security

[0x7] Flash Flaw Potentially Makes Every Webcam A Peephole

[0x8] PRISM: Yahoo Reveals 13,000 Data Requests From Snooping Spooks

[0x9] Obama: NSA Spying Doesn't Mean 'Abandoning Freedom'

[0xA] New Form Of Matter Discovered?

PandaLabs Blog

Everything you need to know about Internet threats

[0x1] United Nations, Parents, Global Days, Social Networks… and Security

[0x2] PandaLabs Quarterly Report – Q1 2013

[0x3] The Importance of Strong Passwords on Social Media

[0x4] Twitter, Facebook, Apple, Microsoft… who is left?

[0x5] A look back at cyber-security in 2012

[0x6] Police Virus Infections On The Rise

[0x7] Operation Ransom: Police Virus authors arrested

[0x8] Saint Valentine: tips to avoid falling victim to computer threats

[0x9] PandaLabs Annual Report – 2012

[0xA] Facebook spam leads to Exploit Kit

Peter Guerra

All about security

[0x1] Malware implicated in fatal Spanair plane crash

[0x2] Cybersecurity and National Policy

[0x3] How Robber Barons hijacked the telegraph system

[0x4] The Bedazzler

[0x5] iPhone fix

[0x6] Twitter for Botnet control

[0x7] BlackHat 2009 Presentation

[0x8] SLE, Quantitative versus Qualitative Risk, and Finance

[0x9] BlackHat 2009

[0xA] White House Cyber Security Review is out

CSOONLINE.com - Security Career/Staffing

[0x1] 5 ways to create a collaborative risk management program

[0x2] Why you need a security buddy (and how to find one)

[0x3] Using security skills for charitable cause

[0x4] Women leaders in security recognized

[0x5] Why security is in denial about awareness

[0x6] How valuable are security certifications today?

[0x7] Book excerpt: 'C(I)SO: And Now What?'

[0x8] Hot security skills of 2013

[0x9] 15 tips for landing - and acing - a job interview

[0xA] 5 more tough security questions (and tips on answering them)

CSOONLINE.com - Compliance

[0x1] 5 myths about awareness

[0x2] The security laws, regulations and guidelines directory

[0x3] Let someone break the rules to improve security

[0x4] Former Zynga CSO: Innovate or Die

[0x5] Pulling it all together: A special report on GRC

[0x6] Rick Kelly: Value focus

[0x7] Feds set to require cloud vendor security certification

[0x8] Report: PHI security is MIA

[0x9] Is your definition of security holding you back?

[0xA] How the Red Cross found its ID management groove

Smart Security by Dharmesh M Mehta

An Application Security Blog

[0x1] What do you say? Yes / No / Don't Care

[0x2] 7 UID bogus centers shut down

[0x3] Mobile Apps Security – Are you worried?

[0x4] Simple Autocomplete

[0x5] Past few months

[0x6] OTP adoption from India to the US?

[0x7] Getting Hands Dirty with Ettercap Tool

[0x8] About the 'Rugged' Initiative

[0x9] Plenty of (IN)Secure Broadband Routers

[0xA] Mumbai to Host India’s First e-Crime Forum

ITWeb Computing

Latest ICT Computing news

[0x1] Sony delays Gran Turismo release

[0x2] MS calls for student innovators

[0x3] Data centres get innovative

[0x4] Sony Ericsson pioneers green phone

[0x5] Fujitsu offers USB zero client

[0x6] Grade 11 wins Computer Olympiad

[0x7] Intel powers local youth

[0x8] Best-case cloud computing years away

[0x9] Desktop virtualisation demand surges

[0xA] Czech operators support mobile payment

hacklab.to

Toronto's hacker collective

[0x1] Hacklab Propaganda Booth @ Waterloo Mini Maker Faire

[0x2] Toronto Mini-Maker Fair

[0x3] Photo of the week; Prototype

[0x4] Photo of week; Welcome.

[0x5] Happy Belated April 1st.

[0x6] Lathe!

[0x7] One snowy open house.

[0x8] Hacklab Pi Day Party: Friday March 15th 6pm onward

[0x9] Toronto Reference Library & Digital Design Studio Visit

[0xA] Photo of the week;

Securelist / Descriptions

[0x1] Trojan-Downloader.JS.Agent.gdn

[0x2] Trojan.Win32.Scar.dgje

[0x3] Trojan.Win32.KillAV.gcg

[0x4] Trojan.Win32.Agent2.dmdi

[0x5] Trojan-Downloader.JS.Agent.gbj

[0x6] Trojan-Downloader.JS.Agent.gaf

[0x7] Trojan.Win32.Jorik.Carberp.ar

[0x8] Trojan.Win32.Agent2.dmvt

[0x9] Trojan.Win32.KillFiles.afz

[0xA] Trojan.Win32.Agent.fajk

Exploit KB

exploit ~#

[0x1] Resolver 1.0.9 – Bug Hunters Edition Release

[0x2] PayPal Gesture Pay Admin Panel Authentication Bypass

[0x3] PayPal Stored XSS via Request Payment feature or “How to inject a malicious payload remotely into users accounts”

[0x4] Windows 7 Fake Access Point With Alfa AWUS036H

[0x5] Setup a Fake Access Point With BackTrack5

[0x6] Resolver

[0x7] Wophcrack – Ophcrack web interface

[0x8] New home for exploit.co.il

[0x9] ScreenSpy – New Meterpreter Script Review

[0xA] Meterpreter Script – Windows Service Creator

US-CERT Current Activity

A regularly updated summary of the most frequent, high-impact security incidents currently being reported to the US-CERT.

[0x1] Oracle Java SE Critical Patch Update Announcement - June 2013

[0x2] Security Updates Available for Adobe Flash Player

[0x3] Microsoft Releases June 2013 Security Bulletin

[0x4] Apple Releases OS X 10.8.4 and Security Update 2013-002

[0x5] Apple Releases Security Update for Safari on OS X

[0x6] Google Releases Google Chrome 27.0.1453.110

[0x7] Apple Releases Security Updates for Apple QuickTime 7.7.4

[0x8] Google Releases Google Chrome 27.0.1453.93

[0x9] Adobe Releases Security Updates for Adobe Flash Player

[0xA] Security Updates Available for Adobe Reader and Acrobat

CSOONLINE.com - Data Privacy

[0x1] Google asks to make surveillance orders public, citing First Amendment

[0x2] U.S. officials: Surveillance helped stop 50 terrorist plots

[0x3] Why we can't stop malicious insiders

[0x4] NSA can access data without court approval, Snowden says

[0x5] UK spy agency reportedly intercepted email of delegates at G20 meetings in 2009

[0x6] Apple received thousands of data requests from US law enforcers

[0x7] Facebook, Microsoft disclose little on national security requests

[0x8] Does encryption really shield you from government's prying eyes?

[0x9] Privacy needs to be balanced with security: privacy commissioner

[0xA] Even before NSA scandal, US residents worried about privacy breaches

My Security Blog

Security Chronicles By Umesh Thota.
www.SecureBlog.net

[0x1] iPhoned..

[0x2] thats why.. lol…

[0x3] Panda Cloud Antivirus !!!

[0x4] BEST BROWSER (*FIREFOX) ADDONS!!!

[0x5] BORG!!! BOT!!! FIGHT!!!

[0x6] GUIDELINES FOR SAFE COMPUTING:

[0x7] K9 Web Protection - Free Internet Filtering and Parental Controls Software

[0x8] Must Have Security Solutions (for free)

[0x9] Goolag Scanner Released!

[0xA] Change DNS ? for a Safer, Faster Online Experience

Daniel's Blog

Information technology, music, business, scuba diving and some other things I am interested in...

[0x1] Travel safe!

[0x2] “I can’t get no satisfaction” from the ATO

[0x3] !Me encanta Colombia!

[0x4] That “flip” thing

[0x5] MBAs and GMAT

[0x6] Where should you buy it? Try Mustafa*!

[0x7] Bondi got flipped!

[0x8] Are you aware of the new business models which are now available on the web?

[0x9] Hello Merlion!

[0xA] Movember video!

CAcert NEWS Blog

CAcert NEWS and up coming events.

[0x1] Problems with creating new certificates

[0x2] ATE Lübeck, 2013-06-07

[0x3] CAcert at LinuxTag 2013 in Berlin

[0x4] CAcert is proud to announce that the Trusted Third Party Programme is back to life

[0x5] Root installer package for Windows Truststore

[0x6] CAcert web server downtime on April 3, 2013

[0x7] PoJAM - PolicyOnJuniorAssurersMembers moves to POLICY

[0x8] CAcert at CeBIT 2013

[0x9] Call for Vote: p20130222 PoJAM to POLICY + p20130223 Several minor changes to PoP to DRAFT

[0xA] ATE Kiel, 2013-02-11

CSOONLINE.com - Metrics/Budgets

[0x1] 10 tips to secure funding for a security program

[0x2] How Blackstone is finding BYOD success with BYOA(pple)

[0x3] 5 myths about awareness

[0x4] Big goals for Big Data

[0x5] Dan Geer: It's lonely in the middle -- but it doesn't have to be

[0x6] It's time to start patching the Human OS

[0x7] 5 tips to retain great security talent

[0x8] Making Metrics Matter to the C-Suite

[0x9] Security Metrics: Critical Issues

[0xA] What's your Total Cost of Risk (TCOR)?

Web App Security

Provides insights on the unique challenges which make web applications notoriously hard to secure, as well as attack methods including SQL injection, cross-site scripting (XSS), cross-site request forgery, and more.

[0x1] CFP Extended - OWASP InfoSec India Conference 2013

[0x2] t2'13: Call for Papers 2013 (Helsinki / Finland)

[0x3] c0c0n 2013 CFP - Extended Deadline: 9 June, 2013

[0x4] CONFidence - May, 28-29, Krakow, Poland - a conference adventure that never stops!

[0x5] RE: WASC Announcement: Static Analysis Technologies Evaluation Criteria Published

[0x6] [HITB-Announce] HITB Magazine Issue 010

[0x7] WASC Announcement: Static Analysis Technologies Evaluation Criteria Published

[0x8] SpiderFoot 2.0 released

[0x9] [HITB-Announce] #HITB2013KUL Call for Papers

[0xA] Breakpoint 2013 Call For Papers

Linux Techbits and hackery

A Simple blog debating good linux hacks, security and programming and general sysadministration..

[0x1] gpu woes

[0x2] Woah how long before a post?

[0x3] Argh blow up parts..

[0x4] Happy Sysadmin appreciation day

[0x5] choosing a web language...

[0x6] Epic fail ftw..

[0x7] found a bug?

[0x8] shellcodes more shellcode stuff.

[0x9] upcoming blog post..

[0xA] amd64/x86_64 shellcode..

CSOONLINE.com - Identity Theft Prevention

[0x1] LinkedIn joins two-factor login bandwagon to keep hackers out

[0x2] Acting Victorian Privacy Commissioner offers ID theft test

[0x3] LivingSocial hacked, 50M users told to reset passwords

[0x4] Microsoft moves to optional two-factor authentication

[0x5] Bitcoin storage service, Instawallet, suffers database attack

[0x6] IRS uncorks Dirty Dozen Tax Scams for 2013

[0x7] Microsoft: Hackers obtained high-profile Xbox Live accounts

[0x8] Site hosting leaked celebrity data goes offline

[0x9] Credit report breach has link to Zeus banking malware

[0xA] Wealth of data online likely made posting celebrity credit reports easy

BlogInfoSec.com

An Information Security Magazine in a Blog Format

[0x1] Oil Rigs’ Software Attacked by Malware

[0x2] Where Are the AppSec Candidates?

[0x3] Run More Risk Models Faster? … Maybe

[0x4] Risk and Human Frailty

[0x5] Hacking Avionics Systems

[0x6] Are Perceptions About Cloud Security and Availability Overblown … and Wrong?

[0x7] Executive Order on Cybersecurity … PDD 63 Déjà Vu

[0x8] Convenience vs. Data Breaches … Avoidance is an Answer

[0x9] Driverless Vehicles – From No Liability to High Risk

[0xA] Outsourcing and Offshoring – Now Insourcing and Reshoring

US-CERT Alerts

Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.

[0x1] TA13-168A: Microsoft Updates for Multiple Vulnerabilities

[0x2] TA13-141A: Washington, DC Radio Station Web Site Compromises

[0x3] TA13-134A: Microsoft Updates for Multiple Vulnerabilities

[0x4] TA13-107A: Oracle Has Released Multiple Updates for Java SE

[0x5] TA13-100A: Microsoft Updates for Multiple Vulnerabilities

[0x6] TA13-088A: DNS Amplification Attacks

[0x7] TA13-071A: Microsoft Updates for Multiple Vulnerabilities

[0x8] TA13-064A: Oracle Java Contains Multiple Vulnerabilities

[0x9] TA13-051A: Oracle Java Multiple Vulnerabilities

[0xA] TA13-043B: Microsoft Updates for Multiple Vulnerabilities

Network World on Windows

The latest Windows news, analysis and feature articles from NetworkWorld.com.

[0x1] TechEd attendees call Surface discount deal 'crazy'

[0x2] TechEd 2013: Windows 8 upgrade to showcase features for enterprise

[0x3] Targeting cloud, Microsoft set to revamp major enterprise software platforms

[0x4] IDC: PC sales being crippled by tablets; Windows 8 part of the problem

[0x5] 9 super useful subreddits network pros should follow

[0x6] Windows 8 Update: Microsoft sacks iPad in Windows 8 ad, joins forces with NFL

[0x7] Windows 8 Update: Gates: Windows 8 is about the iPad

[0x8] Windows 8 Update: 2nd-generation Surface tablets may debut next month

[0x9] 'Good enough' Microsoft Hyper-V starts turning more heads

[0xA] Windows 8 Update: Smaller, less expensive gear on tap for back-to-school

SOURCE Conference Blog

Boston - Seattle - Barcelona

[0x1] A Guide to Internet Safety for Parents and Their Children

[0x2] OWASP Releases New Top 10. Is That 9 Too Many?

[0x3] Mobilizing the Masses: Building BYOD Security Awareness in Your Workplace

[0x4] Launch Day! Mobile Application Reputation Service

[0x5] Increasing Business with a SaaS-based Application Security Platform

[0x6] At FTC Event, Google Plays Dumb On Mobile Security

[0x7] How to Wipe Your Old Smartphone Data Before You Donate

[0x8] Review Your Exceptions Early and Often

[0x9] Report Reveals: 41% of Data Theft Hits Applications and Documents

[0xA] Veracode’s CEO a Finalist in Ernst & Young’s Entrepreneur of the Year Award

Data Management White Papers

Business Intelligence, Database, Data Warehouse, Knowledge Management, and Oracle White Papers

[0x1] Insiders' Guide to Evaluating Remote Control Software

[0x2] Automated Sales Order Processing for Order-to-Cash Performance with SAP(R) Solutions

[0x3] Closing the Order to Cash Performance Gap: Between Document Processes and SAP(R) Solutions

[0x4] Order-to-Cash Best Practices for Billing Documents - Automated Access and Delivery

[0x5] Automating Complete PO Document Packages for Procure-to-Pay Performance with SAP(R) Solutions

[0x6] The Learning Organization Goes Digital

[0x7] 10 Tips - IT Training Support

[0x8] How to Make Your IT Staff Smarter

[0x9] Improving Application Development with Digital Libraries

[0xA] Working Green with Digital Libraries - How it Can Help

InternetNews Realtime News for IT Managers

All the top news, features, analysis and insight into enterprise and Internet technology, geared for IT managers and delivered by the best in the industry.

[0x1] Microsoft Inks UC Deal With Polycom

[0x2] IT Earnings Way Up at Job Site Elance

[0x3] Google, Verizon Posit Net Neutrality Accord

[0x4] Tech Stocks Gain Despite HP's Plunge

[0x5] New Federal Data Breach Bill Debuts in Senate

[0x6] Cisco Unveils Top 10 Web Malware Threats

[0x7] Microsoft Adds Single Sign-On to Azure

[0x8] Cisco's CSO Details Security Approach

[0x9] Adobe Hurries Patch for PDF Security Flaw

[0xA] HP CEO Hurd Quits After Harassment Investigation

Paul Golding - Strategy & Product Consultant

Mobile Visionary

[0x1] Beware of the mythical power of experts and gurus…

[0x2] Building an open source hackable car…

[0x3] The powerful influence of color

[0x4] Is your child an “Edison Child?”

[0x5] Understanding the Fundamentals of Telco Innovation (by a practitioner)

[0x6] Voxeo Labs Ameche – The Telco Platform Approach Evolves…

[0x7] Lessons learned using “lean start-up” within a big corp

[0x8] Telcos as Voice Platforms – is it finally happening?

[0x9] 7 Databases in 7 Weeks – a valuable book

[0xA] Building an Ideas Culture – Is it a Good Idea?

Enterprise Storage Forum News

Covering security, storage, and networking for the enterprise IT professional

[0x1] Solid State Drives Get Faster with TRIM

[0x2] Solid State Drives in Enterprise Applications

[0x3] Oracle to Keep Sun's Data Storage, Tape Businesses

[0x4] LTO-5 Breathes New Life into Tape Storage

[0x5] NetApp Deepens Ties with Cisco, VMware

[0x6] EMC Reports Strong Data Storage, Deduplication Sales

[0x7] Symantec Adds Deduplication to Backup Software

[0x8] EMC Doubles Clariion, Celerra Density with 2TB SATA Drives

[0x9] RAID Storage Levels Explained

[0xA] NetApp, Cisco and VMware Deal May Be Coming

PandaLabs Blog

Everything you need to know about Internet threats

[0x1] United Nations, Parents, Global Days, Social Networks… and Security

[0x2] PandaLabs Quarterly Report – Q1 2013

[0x3] The Importance of Strong Passwords on Social Media

[0x4] Twitter, Facebook, Apple, Microsoft… who is left?

[0x5] A look back at cyber-security in 2012

[0x6] Police Virus Infections On The Rise

[0x7] Operation Ransom: Police Virus authors arrested

[0x8] Saint Valentine: tips to avoid falling victim to computer threats

[0x9] PandaLabs Annual Report – 2012

[0xA] Facebook spam leads to Exploit Kit

Networking/Security Forums

Security Forums Dot Com :: Share Your Knowledge

[0x1] DNS.exe is always uploading at 200-300 KB/sec

[0x2] Uninstalled McAfee, deleted a DLL, Can't get on Internet Now

[0x3] Remove Win 2003 server and Promote Win 2008

[0x4] Help Needed: Testing SOHO IPSEC

[0x5] M$ issue which I cant get rid of

[0x6] Windows Autoupdate is not working

[0x7] Installed Updates - Overview

[0x8] Batch File inside batch file

[0x9] Link Aggregate

[0xA] Default Web Server Cert is valid only for 2 years. Can it be

Linus' blog

Eventually this might even contain some Torvalds family pictures.

[0x1] Glamorous pictures?

[0x2] Pearls before swine..

[0x3] Thank you for ...

[0x4] Early Halloween Guest

[0x5] "13744 supplied"

[0x6] Meanwhile, in Finland..

[0x7] A Pig Lover's Oath

[0x8] Silly grin

[0x9] Turst me, I know what I'm doing...

[0xA] Demons? Really?

HSC Security Portal

Hackers Center Security Portal is one of the most complete, updated and visited Securty portals on the net. We offer Security Blogs, Exploits, Texts, Tools

[0x1] Scrubyt 0.4

[0x2] Sahi V3

[0x3] UrlParams 2.2.0

[0x4] TemperIE

[0x5] Nikto 2

[0x6] hcraft 1.0.0

[0x7] MSNPawn 1.1

[0x8] httprint

[0x9] DIRB

[0xA] WebInject 1.4

The RISKS Digest

The website of the RISKS mailing list

[0x1] Metacharacters bite again

[0x2] Online ballot fraud in Miami

[0x3] Accidental bank transfer

[0x4] FDA issues draft guidance on cybersecurity for medical devices

[0x5] Static electricity in clothes ignites carpet

[0x6] Found a home via wifi

[0x7] Attacks coming from Amazon Web services

[0x8] An Innovative Inno/Vention

[0x9] Hard to get that much out of the ATM

[0xA] NSA et al.: it started well before "1984"...

Security Leadership

[0x1] 5 questions with Alissa Torres, SANS Instructor and Incident Handler at Mandiant

[0x2] Ten tweets with David Litchfield

[0x3] Deloitte Acquisition Signals Push By Consultancies Into MSSP World

[0x4] Ten tweets with Gunter Ollmann

[0x5] #FFSec: Infosec pros who bring value to Twitter

[0x6] B-Sides Boston is Saturday

[0x7] 5 questions with former DuPont CISO Larry Brock

[0x8] Times may change, but the CSO's song remains the same

[0x9] Leaving CSO, Heading to Akamai

[0xA] Savage Chickens on information security

AskApache

Advanced Web Development

[0x1] King Penguin Linux Notebook

[0x2] Alienware M18xR2 Review of Dells fastest Laptop

[0x3] Bash alternative to Reflector for Ranking Mirrors

[0x4] Htaccess Rewrite for Redirecting Uppercase to Lowercase

[0x5] Separate favicons for the Frontend and Backend

[0x6] PHP fsockopen for FAST DNS lookups over UDP

[0x7] Bash Functions and Aliases for Traps, Kills, and Signals

[0x8] Bash Script to Create index.html of Dir Listing

[0x9] THE Ultimate Htaccess

[0xA] HTTP Status Codes

InfoSecPodcast.com » Security Tools

[0x1] MIT Lincoln Lab Network Security Software

[0x2] Record IM video on the network?

[0x3] RFP for PenTesting

[0x4] Declassified window film stops wireless / cell signals

[0x5] List of Malware Analysis tool from SANS

[0x6] Malware Analyzing Sandbox

[0x7] Free Windows Honeypot from NetVigilance

[0x8] Ajax based port scanner

[0x9] Web based VMX file creator

[0xA] Bootable Linux security distros

StalkR's Blog

Blog of a security enthusiast

[0x1] Golang heap corruption during garbage collection

[0x2] TOR relay and transparent routing

[0x3] USB rescue and secure boot disk

[0x4] YubiText and 3-factor password authentication

[0x5] YubiKey USB security token

[0x6] PPTP VPN and policy routing on user

[0x7] Going DNSSEC, Unbound and PowerDNS

[0x8] SSH/HTTP(S) multiplexing with sshttp

[0x9] Ghost in the Shellcode 2012 Teaser - Hackquest

[0xA] HSTS preloading, public key pinning and Chrome

XSSed syndication

You are welcome to syndicate and share xssed.com contents

[0x1] pastebin.mozilla.org XSS

[0x2] www.kcna.kp XSS

[0x3] www.athinorama.gr Redirect

[0x4] cms.paypal.com Phishing

[0x5] www.ebay.com Script Insertion

[0x6] www.ebay.com Script Insertion

[0x7] www.mercadolivre.com.pt XSS

[0x8] www.chevron.com XSS

[0x9] www.mercadolivre.pt XSS

[0xA] www.mercadolibre.cl XSS

ZDI: Recent Press

Recent Press Hits

[0x1] Google offers $20,000 prize in annual hack-off

[0x2] Pwn2Own 2011: Google offering $20,000 for Chrome sandbox exploit

[0x3] Google Offers Bucks For Bugs In Its Web Applications

[0x4] How Microsoft ranks with the most tardy bug fixers

[0x5] HP TippingPoint gives deadline to vendors

[0x6] TippingPoint sets six-month deadline for flaw fixes

[0x7] HP's Zero Day Initiative Gives Vendors Patching Deadline

[0x8] Researchers Throw Down Vulnerability-Disclosure Gauntlet

[0x9] TippingPoint gives vendors six months to fix holes

[0xA] New vulnerability disclosure deadline puts pressure on tardy software vendors

Threat Level

Privacy, Crime and Security Online

[0x1] Justice Department Fought to Conceal NSA’s Role in Terror Case From Defense Lawyers

[0x2] Google Challenges FISA Gag Orders on Free Speech Grounds

[0x3] The NSA Hearing, by the Numbers

[0x4] NSA Disruption of Stock Exchange Bomb Plot Disputed

[0x5] How Hijackers Commandeered Over 130 American Planes — In 5 Years

[0x6] Skyjacked: The Strange History of Plane Hijackings in America

[0x7] Spygate Leaks Imperil State-Secrets Defense

[0x8] It’s Beyond Ridiculous That Email Isn’t Protected by Privacy Laws

[0x9] Our Top-Secret Message to NSA Whistleblower Edward Snowden

[0xA] Yahoo Supplied Data to PRISM Only After Losing Scrappy FISA Fight

xorl %eax, %eax

[0x1] CVE-2013-3228: Linux kernel IrDA Information Leak

[0x2] CVE-2013-2007: QEMU Guest Agent Insecure File Permissions

[0x3] CVE-2013-1798: Linux kernel KVM IOAPIC_REG_SELECT Invalid Memory Access

[0x4] CVE-2013-2074: KDE kdelibs Password Exposure

[0x5] CVE-2013-1796: Linux kernel KVM MSR_KVM_SYSTEM_TIME Buffer Overflow

[0x6] CVE-2013-1848: Linux kernel EXT3 ext3_msg() Format String

[0x7] C Quiz No. 2

[0x8] CVE-2013-1774: Linux kernel Edgeport USB Serial Converter NULL Pointer Dereference

[0x9] CVE-2013-1819: Linux kernel XFS _xfs_buf_find() NULL Pointer Dereference

[0xA] Book: Absolute OpenBSD (2nd Edition)

Securelist / Analysis

[0x1] Spam in April 2013

[0x2] IT Threat Evolution: Q1 2013

[0x3] Spam in Q1 2013

[0x4] Spyware. HackingTeam

[0x5] Spam in March 2013

[0x6] Winnti. More than just a game

[0x7] Spam in February 2013

[0x8] Mobile Malware Evolution: Part 6

[0x9] Spam in January 2013

[0xA] Application Control: the key to a secure network. Part 1

Techworld.com networking

Latest IT articles from Techworld's networking channel

[0x1] Canonical taps international mobile carriers for mobile advice

[0x2] US states' attorneys general to take aim at Internet 'safe harbor' law

[0x3] UK smart grid mass rollout moves a step closer

[0x4] Yahoo discloses user data requests from US law enforcement agencies

[0x5] Sprint sues Dish, Clearwire over takeover plan

[0x6] Instart Logic promises to beat Akamai at own game

[0x7] Obama directs agencies to move toward sharing spectrum

[0x8] CERN replaces proprietary video conferencing system with Vidyo

[0x9] New terms in Sprint contracts look toward WiMax shutdown

[0xA] New Cisco core router boasts 10X capacity of original

Internet Security

Internet security news and updates

[0x1] Windows 8 to have only 4 versions

[0x2] U.S. arrests 24 suspected hackers in a major sting operation

[0x3] AMD ties up with ARM to improve Hardware based PC Security

[0x4] Free security programs for your PC

[0x5] Android Apps found to be Distributing Malware

[0x6] eIQnetworks Webinar on How to Address Advanced Persistent Threats without Increasing Budgets or Personnel

[0x7] Hacking Group hit US security firm Stratfor

[0x8] Origins of Computer Viruses and Protecting your PC from them

[0x9] Social Networking danger signs to your Internet Security this Holiday Season

[0xA] iPhone apps vulnerability discovered, researcher faces 1 year ban

US-CERT Alerts

Alerts warn about vulnerabilities, incidents, and other security issues that pose a significant risk.

[0x1] TA13-168A: Microsoft Updates for Multiple Vulnerabilities

[0x2] TA13-141A: Washington, DC Radio Station Web Site Compromises

[0x3] TA13-134A: Microsoft Updates for Multiple Vulnerabilities

[0x4] TA13-107A: Oracle Has Released Multiple Updates for Java SE

[0x5] TA13-100A: Microsoft Updates for Multiple Vulnerabilities

[0x6] TA13-088A: DNS Amplification Attacks

[0x7] TA13-071A: Microsoft Updates for Multiple Vulnerabilities

[0x8] TA13-064A: Oracle Java Contains Multiple Vulnerabilities

[0x9] TA13-051A: Oracle Java Multiple Vulnerabilities

[0xA] TA13-043B: Microsoft Updates for Multiple Vulnerabilities

NoScript Updates

Recent stable releases from noscript.net

[0x1] NoScript 2.6.6.6

[0x2] NoScript 2.6.6.5

[0x3] NoScript 2.6.6.4

[0x4] NoScript 2.6.6.2

[0x5] NoScript 2.6.6.1

[0x6] NoScript 2.6.6

[0x7] NoScript 2.6.5.9

[0x8] NoScript 2.6.5.8

[0x9] NoScript 2.6.5.7

[0xA] NoScript 2.6.5.6

Panda Research Blog

Leading the way in proactive malware detection

[0x1] Q2 2011 Test Results of Security Suites

[0x2] Tis the comparative season

[0x3] Microsoft’s 6-year long open door to malware

[0x4] Panda Antivirus Command Line Scanner 9.5.1.2

[0x5] AV-Test.org 2010 Test Results

[0x6] Microsoft just doesn’t get it…. Security is about diversity

[0x7] Dear Microsoft: Please Stop Pushing Potentially Unwanted Software Through Windows Update

[0x8] Virus Bulletin 2010

[0x9] AV-Comparatives Performance Test 2010

[0xA] PC Security Labs July 2010 Test Results

Deb Shinder's Technology InSights

Deb Shinder is editor of WXPnews/Win7News, TechRepublic blogger (Microsoft InSights), Windowsecurity.com/ISAServer.org lead writer and author of "Scene of the Cybercrime"

[0x1] It’s a Start

[0x2] Urbanization, Technology and the Digital Divide

[0x3] Have electronics, will travel

[0x4] Point of View: Is Windows 7 destined to be the next (and last) XP?

[0x5] Talking Tech: Transitioning from Windows Messenger to a Brave New IM World

[0x6] The Mother of All Days

[0x7] Dude, you almost got your Dell back

[0x8] Don’t let other people control your online reputation

[0x9] Word as a Blogging Tool

[0xA] The Evolution of the Word Processing Program and the Super Secret Magical Formatting Tool in Word

Unwired: Building & Maintaining Secure Wireless Networks

Journey into the latest in wireless technology! You'll find updates on new security issues and vulnerabilities, information on IEEE standards, advice on networking hardware, and unique insight on building and maintaining a secure wireless network.

[0x1] Quantum Cryptography

[0x2] In-Flight Wi-Fi

[0x3] Economic effects on IT Field

[0x4] Blackberry Storm Simulator

[0x5] 3G Wireless

[0x6] Wireless Network Users have Come a Long Way!

[0x7] Dilemma of a Passionate Programmer

[0x8] Can Old Wireless Network Interface Cards be Upgraded to Support WPA?

[0x9] Ramifications of a Cracked WPA Passphrase

[0xA] More Ramblings on WiFi Allergies

SecuObs.com

Observatoire de la securite Internet

[0x1] FUZZING ON LINE PART THREE

[0x2] Official Maltego tutorial 5 Writing your own transforms

[0x3] Official Maltego tutorial 6 Integrating with SQL DBs

[0x4] Official Maltego tutorial 3 Importing CSVs spreadsheets

[0x5] install zeus botnet

[0x6] Eloy Magalhaes

[0x7] Official Maltego tutorial 1 Google s websites

[0x8] Official Maltego tutorial 4 Social Networks

[0x9] Blind String SQL Injection

[0xA] backdoor linux root from r57 php shell VPS khg crew redc00de

CERIAS Combined Feed

News and Blog posts from CERIAS. This feed does not include our events calendar (http://www.cerias.purdue.edu/feeds/events)

[0x1] Opticks and a Treatise on the PRISM Surveillance Program (Guest Blog)

[0x2] Schrodinger’s Catnip: A Review of the NSA Phone Surveillance Program (Guest Blog)

[0x3] Spafford Answers Cyber Security Questions on CNN.com

[0x4] Cloud Computing: A Way to Reduce Risk?

[0x5] Spafford Taking Cyber Security Questions on CNN.com

[0x6] Spafford Joins EPIC Advisory Board

[0x7] Will New Hires Impede Future Security?

[0x8] Opening Keynote: Todd Gebhart, Co-President McAfee Inc. (Summary)

[0x9] Keynote: Christopher Painter, Coordinator for Cyber Issues, U.S. Department of State (Summary)

[0xA] Tech Talk #3: Stephen Elliott (Summary)

(IN)SECURE Magazine Notifications RSS

Notifications of new (IN)SECURE Magazine issues.

[0x1] (IN)SECURE Magazine Issue 38

[0x2] (IN)SECURE Magazine Issue 37

[0x3] (IN)SECURE Magazine Issue 36

[0x4] (IN)SECURE Magazine Issue 35

[0x5] (IN)SECURE Magazine Issue 34

[0x6] (IN)SECURE Magazine special issue: RSA Conference 2012

[0x7] (IN)SECURE Magazine Issue 33

[0x8] (IN)SECURE Magazine Issue 32

[0x9] (IN)SECURE Magazine Issue 31

[0xA] (IN)SECURE Magazine Issue 30

websecurity June 2013 Archive

The Web Security Mailing List

[0x1] [WEB SECURITY] DDoS attacks via other sites execution tool

[0x2] [WEB SECURITY] WebSite Malware and Samples

[0x3] [WEB SECURITY] WebSite Malware and Samples

[0x4] [WEB SECURITY] WebSite Malware and Samples

[0x5] [WEB SECURITY] Advantages of attacks on sites with using other sites and Using of tags frameset and iframe for conducting XSS attacks

[0x6] [WEB SECURITY] WebSite Malware and Samples

[0x7] [WEB SECURITY] WebSite Malware and Samples

[0x8] [WEB SECURITY] [Web Security] Can a PADSS certified system be hacked

[0x9] [WEB SECURITY] [Web Security] Can a PADSS certified system be hacked

[0xA] [WEB SECURITY] Need a Opensource tool for application scanning

Declan McCullagh's Politech

Politech is the oldest Internet resource devoted to politics and technology. Launched in 1994, the Politech mailing list and then the web site has chronicled the growing intersection of law, culture, technology, politics, and law. Edited by Declan McCullagh.

[0x1] Politicians push for mandatory data retention laws, bipartisanly

[0x2] Who'd make the most technology-friendly president? Discuss.

[0x3] Judge rules defendant can't be forced to divulge PGP passphrase

[0x4] ITU botnet paper published in draft form, comments requested

[0x5] David Burt and his Filtering Facts Web site are back

[0x6] FTC Internet advertising summit in Washington this week

[0x7] Hamline University student suspended after pro-gun rights email

[0x8] MIT student picking up friend at airport nearly shot, charged with "infernal machine" crime

[0x9] Paul Levy: Politicians, infomercial kings try to stifle anonymous Internet speech

[0xA] Colorado sheriff creates roadblock so private firm can demand DNA blood samples

Carnal0wnage & Attack Research Blog

carnal0wnage and Attack Research Blog

[0x1] Rails Strong Parameters

[0x2] Funky Juniper URLs

[0x3] Rails - Guard, Brakeman, and Bundler-Audit

[0x4] Bundler-Audit -> Auditing your RubyGems

[0x5] Quick way to view ruby gems

[0x6] Next Level Testing

[0x7] APT PDFs and metadata extraction

[0x8] Attack Research Training Schedule

[0x9] Training Opportunities

[0xA] MSSQL Brute forcing with Resource Scripts

Help Net Security - News

Help Net Security - your homepage for all the information security news

[0x1] Employees biggest IT threat to businesses

[0x2] Facebook once again accessible via Tor

[0x3] (IN)SECURE Magazine issue 38 released

[0x4] Google asks secret court permission to publish FISA numbers

[0x5] Failed backups endanger revenue and productivity

[0x6] Oracle releases critical security updates for Java

[0x7] How to detect hidden administrator apps on Android

[0x8] CyanogenMod founder aims to thwart data-grabbing apps

[0x9] Bill aims to regulate email privacy in the cloud

[0xA] Businesses not fully implementing infosec programs

Ubergizmo

Ubergizmo is a popular news website that features honest, opinionated news &reviews; of consumer electronics products and trends

[0x1] Microsoft Updates Blink For Windows Phone 8

[0x2] Parrot AR.Drone 2.0 Gets New Updates

[0x3] GameStick pushed back a month, first units should ship in August

[0x4] Google Introduces 18 New Languages For Drive, Docs, Sheets, And Slides

[0x5] Sims 4 Confirmed, First Look Coming On August 21

[0x6] PS3 4.45 Update Locks Up Certain Consoles

[0x7] Facebook Global Outage Is Over

[0x8] Steel Diver Is First Free-To-Play Game From Nintendo

[0x9] AT&T HTC One Mini Is Confirmed

[0xA] Porsche Go-Kart For Kids

Dr. Dobb's Security

Dr. Dobb's

[0x1] Through A PRISM Darkly

[0x2] Adopting Newborn Development Testing Babies

[0x3] Developing and Architecting ADC Platforms

[0x4] 450 Million Lines Of Scanned Software Code Can’t Be Wrong

[0x5] Keccak: The New SHA-3 Encryption Standard

[0x6] Oracle Prioritizes Java 8 Lambda Security

[0x7] BodyCom Development Kit

[0x8] Code Integrity + Code Security * IP Licensing = Monetization Happiness

[0x9] Prevent Cross-Site Scripting in ASP.NET Web Apps

[0xA] Arms in the Clouds

Cisco Security Notices

Cisco Security Notices (the 40 most recent notices )

[0x1] Cisco IPSec VPN Implementation Group Name Enumeration Vulnerability

[0x2] Crafted DNS Packet Can Cause Denial Of Service

[0x3] Cisco IPsec VPN Implementation Group Password Usage Vulnerability

[0x4] Response to BugTraq - Cisco Clean Access Agent (Perfigo) Bypass

[0x5] CSS SSL Authentication Bypass

[0x6] ZOTOB and WORM_RBOT.CBQ Mitigation Recommendations

[0x7] Response to Full-Disclosure - Potential Denial of Service Bug in Cisco Pix Firewall IOS 6.2.2 and 6.3.(3.102)

[0x8] Cisco 802.1x Voice-Enabled Interfaces Allow Anonymous Voice VLAN Access

[0x9] Vulnerability in a Variant of the TCP Timestamps Option

[0xA] W32.BLASTER Worm Mitigation Recommendations

Cisco Security Responses

Cisco Security Responses (the 40 most recent responses)

[0x1] Attention: New Cisco Security Response RSS Feed Locations

[0x2] Infected Cisco Information Packet and Warranty CDs

[0x3] Cisco IOS Software Denial of Service Vulnerabilities

[0x4] Rootkits on Cisco IOS Devices

[0x5] Cisco IPSec VPN Implementation Group Name Enumeration Vulnerability

[0x6] Multiple Vulnerabilities in Cisco Unified Videoconferencing Products

[0x7] Cisco Unified MeetingPlace XSS Vulnerability

[0x8] Cisco Unified MeetingPlace XSS Vulnerability (November 2007)

[0x9] Cisco IronPort Desktop Flag Plug-in for Outlook Information Disclosure

[0xA] Unmatched Request Discloses Client Internal IP Address

Gremwell blogs

[0x1] Burp is Going to Support PKCS#11

[0x2] MagicTree 1.3 - important bug fixes and support for IBM Rational AppScan

[0x3] We are hiring again!

[0x4] Testing Riddler CAPTCHA

[0x5] MagicTree 1.2 Is Out

[0x6] Nice arduino-based circuit

[0x7] Finally, a standard Linux 3.2 bridge can forward 802.1x messages!

[0x8] Burp plugin for scanning GWT and JSON HTTP requests

[0x9] Release of sslcaudit 1.0

[0xA] Does your test system support SSLv2?

ASTALAVISTA Forum Feed

[0x1] To Loic Or Not To Loic, That Is The Question

[0x2] Need Help On E-Mail Addresses Harvested From Search Engines

[0x3] Firewall Which Can Block Ip Address Of Incoming Connections

[0x4] Windows 8 Activator

[0x5] Hi

[0x6] Hello World

[0x7] Hi

[0x8] Hello, Everyone

[0x9] Hi To Everyone

[0xA] Windows 7 Activation

CSOONLINE.com - Employee Protection

[0x1] Wake up! Boston bombings a call for renewed citizen vigilance

[0x2] Executive protection: 4 essentials for secure travel

[0x3] Cybercriminals shift focus to bank employees

[0x4] Rick Kelly: Value focus

[0x5] Making the case for preventing workplace violence

[0x6] 10 tips for offsite meeting security

[0x7] World Trade Center security and progress

[0x8] Corporate security experts: Bin Laden death shouldn't impact business, travel plans

[0x9] Security stepped up around U.S. following Bin Laden news

[0xA] Travel security in the Middle East and North Africa

ITWeb Internet

Latest ICT Internet news

[0x1] MS deepens Facebook ties

[0x2] Branded Internet presents wholesale dept

[0x3] X for expensive?

[0x4] Pilots get online training

[0x5] Low connectivity hinders e-business

[0x6] Sony intros classical music e-store

[0x7] MWEB Business expands uncapped services

[0x8] How will SA lower broadband cost?

[0x9] Amazon plans app store

[0xA] MWEB Business extends ADSL offerings

InternetNews Realtime News for IT Managers

All the top news, features, analysis and insight into enterprise and Internet technology, geared for IT managers and delivered by the best in the industry.

[0x1] Microsoft Inks UC Deal With Polycom

[0x2] IT Earnings Way Up at Job Site Elance

[0x3] Google, Verizon Posit Net Neutrality Accord

[0x4] Tech Stocks Gain Despite HP's Plunge

[0x5] New Federal Data Breach Bill Debuts in Senate

[0x6] Cisco Unveils Top 10 Web Malware Threats

[0x7] Microsoft Adds Single Sign-On to Azure

[0x8] Cisco's CSO Details Security Approach

[0x9] Adobe Hurries Patch for PDF Security Flaw

[0xA] HP CEO Hurd Quits After Harassment Investigation

Securitas Operandi™

Incorporating security and risk into everyday thought.

[0x1] The Disintermediation of Corporate IT

[0x2] The end of an era of East Side living / working

[0x3] How to make 2013 your breakout year

[0x4] New Year’s Resolutions: safer Internet usage

[0x5] New Christmas computer, part 3: data backup

[0x6] New Christmas computer, part 2: anti-virus

[0x7] New Christmas computer, part 1: password security

[0x8] LinkedIn skills endorsements adds buzz but not much value

[0x9] Protect your Black Monday shopping with a quick tune-up

[0xA] Which security certification should you earn next?

CSOONLINE.com - Identity & Access

[0x1] Windows 8.1 bolsters biometrics for authentication

[0x2] Spear phishing paves road for Advanced Persistent Threats

[0x3] Booming mobile industry spawning global criminal marketplace

[0x4] Lesson from the Google office hack: Do not trust third-parties

[0x5] Inadvertent disclosure: Knowing the risk

[0x6] Vulnerable terminal servers reflect bigger security problem

[0x7] Brainwaves as passwords a boon for wearable computing

[0x8] Failed authentication frequently thwarts online shoppers

[0x9] Two-factor authentication ready to roll out at Microsoft

[0xA] New U.S. law tightens screws on Chinese cyberespionage

Reformed(?) Hacker

Just another WordPress site

[0x1] The Quanta of Data Processing System Triage – Part 1, the Quanta

[0x2] Simple way to do a headless install of Sun/Oracle Java6 on ubuntu

[0x3] NoSQL in a Sharded MySQL Context

[0x4] P != NP

[0x5] Lessons learned from a vendor

[0x6] Wiki tab sweep

[0x7] Graph processing

[0x8] Tab Sweep: Search

[0x9] Identifier Tab Sweep

[0xA] When two people know less than one

Naked Security - Sophos

News, opinion, advice and research on computer security threats from Sophos

[0x1] Texas becomes first US state to ban warrantless email snooping

[0x2] EU's Cybersecurity Strategy gets harsh criticism from data protection advocate

[0x3] Kentucky man charged with using scans of checks to double-dip funds

[0x4] Yahoo's going to boot us off our deadbeat accounts, but who is going to grab them?

[0x5] Apple chimes in with the "Ain't no PRISM here!" chorus

[0x6] SSCC 111 - PRISM and data leakage, encryption, Google contracts and Flash on phones [PODCAST]

[0x7] US law enforcers want to see a kill switch on our mobile phones

[0x8] FDA tells medical device makers and hospitals to strengthen security

[0x9] Monday review - the hot 16 stories of the week

[0xA] Australia's National Consumer Fraud Week starts today - the motto is, "Outsmart the scammers!"

Infosec Island Latest Articles

Adrift in Threats? Come Ashore!

[0x1] Identity & Access Management: Give Me a REST

[0x2] Over-Sharing Riskier than Government Snooping

[0x3] 20 Critical Security Controls: Control 13 – Boundary Defense

[0x4] Redefining Social Networking

[0x5] Creating Your Own Privacy & ROI

[0x6] Security Intelligence for the Enterprise - Part 1

[0x7] Why are Cybercrimes NOT Always White-collar Crimes?

[0x8] From the SMB to Security Guru: Five Ways IT Pros Can Manage Security on a Budget

[0x9] Balancing Act Between Privacy and Security

[0xA] The NSA’s Word Games Explained: How the Government Deceived Congress in the Debate over Surveillance Powers

Dragos Lungu Dot Com | Security Tools And Tips

100% Unbiased Security Tools Reviews. Computer Security Blog about Phishing, Spyware, Malware and other Threats and Vulnerabilities we face everyday .

[0x1] How to Protect Your Business Network from Phishing Attacks

[0x2] Animated Presentation on Sony PSN Hack

[0x3] ArcSight Tip #1 – arcsight managersetup notification test

[0x4] I’m a CISSP

[0x5] Operation:Payback or Social Vendetta is Here

[0x6] I got owned by Malware Destructor 2011 Virus

[0x7] New Downtime Cost Calculator by Storagepipe.com. What if ?

[0x8] Securing Your Network from Web Threats

[0x9] My Twitter Notes on 2010-07-25

[0xA] New NetWitness Visualize : Welcome To The Future!

Data center news from Network World Fusion

The latest data-center news and analysis from NetworkWorld.com.

[0x1] Open Data Center Alliance tackles big data analysis

[0x2] Scientist out to break Amdahl's law

[0x3] Oracle's Q4 results: What to watch

[0x4] IT morphs as tech and users change

[0x5] China likely to become No. 1 in supercomputing this week

[0x6] Intel wants to be your new cable provider

[0x7] IT isn't going away, says Fox CIO

[0x8] NASA spots sledding marks in Martian sand dunes

[0x9] Hands-free tech still poses high risk for drivers

[0xA] HP ties knot with Google, as Whitman talks up customers

InformationWeek Security News

InformationWeek

[0x1] Google Defends Efforts Against Rogue Pharmacies

[0x2] FBI Driver's License Photo Searches Raise Privacy Questions

[0x3] Privacy Concerns: Big Data's Biggest Barrier?

[0x4] CrowdStrike Falcon Traces Attacks Back To Hackers

[0x5] Google Launches Attack On Online Child Pornography

[0x6] Apple, Facebook, Microsoft Detail Surveillance Requests

[0x7] NSA Prism: Readers Speak

[0x8] Thumb Drive Security: Snowden 1, NSA 0

[0x9] Inside A Cyber Espionage Campaign

[0xA] Vulnerability Reports: What They Don't Tell You

LinuxSecurity.com: OpenBSD Advisories

The central voice for Linux and Open Source security news.

[0x1] Study: Spammers use e-mail ID to gain legitimacy

[0x2] Securing a Linux Web Server

[0x3] OpenBSD: kernel heap overflow in IPsec

[0x4] OpenBSD: login_radius security flaw

[0x5] OpenBSD: Xpm security fix

[0x6] OpenBSD: zlib reliabilty fix

[0x7] OpenBSD: cvs Multiple vulnerabilities

[0x8] OpenBSD: cvs Heap overflow vulnerability

[0x9] OpenBSD: procfs Incorrect bounds checking vulnerability

[0xA] OpenBSD: cvs Pathname validation vulnerabilities

Wired: Threat Level

Kevin Poulsen and Ryan Singel's daily briefing on security, freedom and privacy in the wired and unwired world.

[0x1] Justice Department Fought to Conceal NSA’s Role in Terror Case From Defense Lawyers

[0x2] Google Challenges FISA Gag Orders on Free Speech Grounds

[0x3] The NSA Hearing, by the Numbers

[0x4] NSA Disruption of Stock Exchange Bomb Plot Disputed

[0x5] How Hijackers Commandeered Over 130 American Planes — In 5 Years

[0x6] Skyjacked: The Strange History of Plane Hijackings in America

[0x7] Spygate Leaks Imperil State-Secrets Defense

[0x8] It’s Beyond Ridiculous That Email Isn’t Protected by Privacy Laws

[0x9] Our Top-Secret Message to NSA Whistleblower Edward Snowden

[0xA] Yahoo Supplied Data to PRISM Only After Losing Scrappy FISA Fight

Skypher

The blog for absolutely nothing!

[0x1] Web Development on a Chromebook (2)

[0x2] Web Development on a Chromebook

[0x3] Transformed polygons fractal rendering engine

[0x4] JavaScript 1K poptart cat

[0x5] JavaScript Mandelbrot fractal rendering engine

[0x6] Window Zoom Chrome Extension

[0x7] w32 speaking shellcode – Pwn in style

[0x8] Merry Christmas and a Happy New Year!

[0x9] JsSfx3.2 – JavaScript compression tool updated.

[0xA] JavaScript Perlin flames source

SecDocs feed

Latest security documents RSS feed.

[0x1] [Video] Overwriting the Exception Handling Cache PointerDwarf Oriented Programming

[0x2] [Paper] Overwriting the Exception Handling Cache PointerDwarf Oriented Programming

[0x3] [Slides] Overwriting the Exception Handling Cache PointerDwarf Oriented Programming

[0x4] [Audio] Cryptohaze Cloud Cracking

[0x5] [Video] Cryptohaze Cloud Cracking

[0x6] [Audio] Should the Wall of Sheep Be Illegal? A Debate Over Whether and How Open WiFi Sniffing Should Be Regulated

[0x7] [Video] Should the Wall of Sheep Be Illegal? A Debate Over Whether and How Open WiFi Sniffing Should Be Regulated

[0x8] [Audio] Blind XSS

[0x9] [Video] Blind XSS

[0xA] [Slides] Blind XSS

Search Engine Watch - Latest

Latest News

[0x1] Structured Data: Content, Rich Snippets & Authorship vs. Author Rank

[0x2] 7 Great Sites To Learn Online Video Skills

[0x3] DuckDuckGo Sees Record Traffic After NSA PRISM Scandal

[0x4] Facebook Kills Sponsored Search Results

[0x5] Google, Bing Both Win More Search Market Share

[0x6] Do Stock Photos Affect Google Search Rankings? Matt Cutts Says No

[0x7] Google AdWords Enhanced Campaign CPCs Grow 6% [Report]

[0x8] Google Makes Non-Desktop SEO an Absolute Necessity

[0x9] How to Create Great Content: Start by Creating Content for Yourself

[0xA] PPC and SEO: Higher Conversion Rates Fuel the Need for Better Integration

Uninformed Journal

Informative information for the uninformed

[0x1] Using dual-mappings to evade automated unpackers

[0x2] Analyzing local privilege escalations in win32k

[0x3] Exploiting Tomorrow's Internet Today: Penetration testing with IPv6

[0x4] Can you find me now? Unlocking the Verizon Wireless xv6800 (HTC Titan) GPS

[0x5] An Objective Analysis of the Lockdown Protection System for Battle.net

[0x6] ActiveX - Active Exploitation

[0x7] Context-keyed Payload Encoding

[0x8] Improving Software Security Analysis using Exploitation Properties

[0x9] Real-time Steganography with RTP

[0xA] PatchGuard Reloaded: A Brief Analysis of PatchGuard Version 3

ComPly With Me--- a HIPAA Forum

[0x1] More pulpy goodness coming

[0x2] Sooner or Later...

[0x3] Preventing Cybercrime

[0x4] 3 I's

[0x5] Blue Suit, Red Cape and Red Boots

[0x6] International Talk Like a Pirate Day!

[0x7] Ah, Sweet Mystery

[0x8] Baby One More Time

[0x9] Over and over

[0xA] My Way

Physical Security

[0x1] Mandiant's APT1: Revisited

[0x2] Utica College National Critical Intelligence Estimate

[0x3] Maskirovka – Tactical, Operational, Strategic Deception

[0x4] Wipe out North Korea, or let them do it themselves?

[0x5] BSidesSF 2013: The China Connection

[0x6] Taking the broad view

[0x7] After Sandy Hook, how do we make schools more secure?

[0x8] Caution: Not Executing Offensive Actions Against Our Adversaries is High Risk

[0x9] Iranian Cyber Proxies and Capabilities

[0xA] The Amityville Horror house and physical security

StoneBlog.stonesoft.com

[0x1] Stonesoft 5.5 – Other Enhancements

[0x2] Stonesoft 5.5 – New VoIP Protocols

[0x3] Stonesoft 5.5 – QoS Enhancements

[0x4] Stonesoft 5.5 – Option for Increased Security Strength of Management Connections

[0x5] Stonesoft 5.5 – New Active Alerts View

[0x6] Stonesoft 5.5 – Obsolete Elements

[0x7] Stonesoft 5.5 – Type Ahead Element Creation

[0x8] Stonesoft 5.5 – Easier Log Forwarding

[0x9] Stonesoft 5.5 – NetFlow/IPFIX Forwarding and Reception

[0xA] Stonesoft 5.5 – SMC Load Sharing

CSOONLINE.com - Video Surveillance

[0x1] Wake up! Boston bombings a call for renewed citizen vigilance

[0x2] Boston bombings was not about failed intelligence

[0x3] Securing one million shoppers for the holidays

[0x4] Video content analysis: still looking for its place

[0x5] Will Obama preside over the coming of Big Brother?

[0x6] There's no 911 for cybercrime. If there were, would you call?

[0x7] Case study: Surveillance technology for investigations and crowd control

[0x8] 10 tips for offsite meeting security

[0x9] Security at the scene of the crime

[0xA] U.S. border security strategy faces budget woes

Business Continuity

[0x1] Obama's executive order leaves more questions than answers

[0x2] Taking the broad view

[0x3] Risk Management & Business Technology Resiliency – What’s Changed Since 2009

[0x4] Surviving Sandy

[0x5] Hurricane Sandy Shows A Dramatic Improvement From Botched Katrina Response

[0x6] Hurricane Sandy-Frankenstorm: Some biz continuity planning resources

[0x7] The Biggest Risk To BC Preparedness – 3rd Party Risk

[0x8] CISOs Must Act As The Glue Between BC, DR And Security

[0x9] Business Continuity Standards Don’t Matter -- But They Should

[0xA] Communication And Coordination Should Be The Cornerstone Of Your BC Plan

Hackers Center Blogs

[0x1] Not Another Penetration testing course

[0x2] Data Related to Kneber Botnet breach recovered by Netwitness

[0x3] Building security into business processes

[0x4] Spy Eye tool kit goes after Zeus botnet

[0x5] Black Hat: Researcher claims hack of chip used to secure computers, smartcards

[0x6] China steals Google's data

[0x7] PortSwigger.net - web application security

[0x8] eLearnSecurity : Breaking into system is no more enough

[0x9] NIST releases Security Content Automation Protocol for FISMA

[0xA] A zero-day flaw in the TLS and SSL protocols, which are commonly used to encrypt web pages, has been made public.

Security Tool Files ≈ Packet Storm

Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers

[0x1] iOS App Hotspot Cracker

[0x2] Web Soul 2 Scanner

[0x3] Haveged 1.7c

[0x4] OWASP Bricks Torsa Release

[0x5] Sanewall 1.1.3

[0x6] Moscrack WPA Cluster Cracker 2.08b

[0x7] Pantea HTTP Hijacker Tool

[0x8] 360-FAAR Firewall Analysis Audit And Repair 0.4.6

[0x9] Access Road 0.7.3

[0xA] Shellcodecs Shellcoding Toolset

phed.org

the rantings of michael eddington

[0x1] CanSecWest 2013–Gödel’s Gourd

[0x2] Peach 3 Nears Release

[0x3] Changes to Fuzzing Strategies in Peach 2.3.8

[0x4] Peach Training @ CanSecWest 2011

[0x5] Using Code Coverage to Select Fuzzing Sample Files

[0x6] Using .NET Assemblies with Peach 2

[0x7] Looking forward to Peach 3

[0x8] Fuzzing SQL Stored Procedures

[0x9] Changing Defaults for Data Elements

[0xA] Fuzzing Shared Libraries

Hacking EvolutionHacking Evolution |

Another Hackers' Ranting Space

[0x1] Cyber Dawn: Libya

[0x2] Kill all Chrome/Chromium renderer and plugin processes on Linux

[0x3] Sagittarius: PHP Code Obfuscater

[0x4] Your Time Is Almost Up

[0x5] SHRED: Usability Vs. Philosophy

[0x6] Resolved: Facebook Unsubscribe All

[0x7] SCAF And The Revolution

[0x8] Egypt’s Constitution Referendum

[0x9] libgcrypt C++ Wrapper

[0xA] C++ trick or treat

Hacking Cloud Computing

Cloud Computing has fundamentally changed how we view utility computing, add a little Google hacking and other hacking methods and we end up some very interesting things going out on there in terms of what people are sharing. This blog is about the cloud, about data leakage, and comes with a solid request not to be a bad security engineer.

[0x1] Adobe and SAP head towards the cloud

[0x2] Does the Internet really need a Delete Tool?

[0x3] Announcing the Amazon Web Services Certification Program

[0x4] Cross Domain XML Files

[0x5] A walkthrough of the Windows Azure Interface

[0x6] When things go wrong with Windows Azure

[0x7] Facebook Home as a relationship status: It's Complicated

[0x8] Basic control structures in programming

[0x9] Understanding the Security Organization

[0xA] Using Grep and Regular Expressions

Packetstan

A blog about packets, tools, and bacon

[0x1] Snort Fortification Against Evasions

[0x2] What I Learned At Camp

[0x3] Sorting Packet Captures with Scapy

[0x4] Crafting Overlapping Fragments ….. Finally!

[0x5] Crafting Overlapping Fragments ..... Eventually (Part 2)

[0x6] Crafting Overlapping Fragments ..... Eventually

[0x7] NBNS Spoofing on your way to World Domination

[0x8] Extracting AP names from Packet Captures

[0x9] Exploiting Networks with Loki on Backtrack 4 R2

[0xA] Scapy, and Random Acts of Packety Violence

security_watchdog

All the IT security issues that affect you and your business. Direct reports from all the security conferences throughout the year, including RSA conference and Infosec.

[0x1] Google: complete privacy 'does not exist'

[0x2] Kiwi hacker to work for police

[0x3] Data leaks worst security threat

[0x4] UK businesses still don’t ‘get’ security

[0x5] Storm worm fabricates news

[0x6] Road warriors leaking secrets

[0x7] Cyber-crooks sting South Africa for £13m

[0x8] Public wants data breach legislation

[0x9] Hong Kong becomes most dangerous domain

[0xA] Scammers targeting LinkedIn

CSOONLINE.com - Other

[0x1] Rising cyberthreats set backdrop for latest cybersecurity bill

[0x2] LAST: Happy hour

[0x3] iPhone SMS bug said to be serious threat

[0x4] Age-appropriate parenting tools for the concerned security professional

[0x5] Resumption of the crypto wars?

[0x6] PCI 2.0 reviewed

[0x7] How to do a hotel room security check

[0x8] Schneier: Eavesdropping on 'smart homes'

[0x9] "The biggest and worst deal in security history"

[0xA] Passwords in the wild: the future

Mu Dynamics Blog

[0x1] Spirent acquisition of Mu Dynamics marries heavyweight load-bearing, barrage-level security testing | Security Bistro http://bit.ly/IoitP5

[0x2] Why Cloud is Bad for Startups

[0x3] NoOps, ShmoOps and Somebody Else’s Problem

[0x4] Adding New Relic Analytics to Blitz

[0x5] Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1

[0x6] blitz.io: Using Redis Transactions with CouchDB

[0x7] How to win in the age of cyber war

[0x8] Validating Application Detection Signatures

[0x9] Dear Angry Nerds, meet Blitz the Bird Thrower

[0xA] 4 full bars but no buzz?… start doing DPI

Executive Spotlight Podcasts

Listen online, download to your computer, or subscribe and get the latest information automatically.

[0x1] Executive Spotlight Podcast: County of York, Pennsylvania

[0x2] Executive Spotlight Podcast: IT Transformation at Missouri’s Laclede Gas Company

[0x3] Executive Spotlight Podcast: IT from the CFO's Point of View

[0x4] Executive Spotlight Podcast: IT Security and Privacy at New Jersey’s Barnabas Health

[0x5] Executive Spotlight Podcast: Italian National Cancer Institute

[0x6] Executive Spotlight Podcast: Great Eastern Life Assurance Malaysia

[0x7] Executive Spotlight Podcast: University Hospitals of Leuven

[0x8] Executive Spotlight Podcast: Lotus Renault GP

[0x9] Executive Spotlight Podcast: Deloitte U.K.

[0xA] Executive Spotlight Podcast: Thai Airways International

GNUCITIZEN

Information Security Think tank

[0x1] Landing Proxify

[0x2] Fuzzing XML and JSON Pt.1

[0x3] You and Your Research

[0x4] Well Websecurify Runs on The iPhone

[0x5] Stuxnet

[0x6] Having fun with BeEF, the browser exploitation framework

[0x7] ColdFusion directory traversal FAQ (CVE-2010-2861)

[0x8] 1ST European Edition of HITB Coming Up!

[0x9] Hacking Linksys IP Cameras (pt 6)

[0xA] Dnsmap v0.30 is now out!

NovaInfosec.com Blog

Pipes Output

[0x1] Decrypting iMessages at Rest, Questioning NSA Access to Apple Network Devices, and NSLs

[0x2] Last Call for One Day $80 Level 1 Pen Testing Class

[0x3] 2013 OWASP Top 10 Released

[0x4] The Washington Free Beacon Compromised

[0x5] Weekly Rewind – Catch-22, NSA, Government-Owned Computers & More…

[0x6] Crypto Building Blocks

[0x7] Cycle Override Leaving from VA this Sunday

[0x8] If You’re on a Government-Owned Computer, Don’t Click this Link

[0x9] Catch-22 & the NSA Snowden Conspiracy

[0xA] NSA, Verizon, PRISM, PDD 20, & an a HI Job Opportunity

Science | Mail Online

All the latest UK and international science and technology news, video and pictures from the Daily Mail and Mail on Sunday

[0x1] World's only albino gorilla lost his colour - and ultimately died - because his parents were inbred, claims scientists

[0x2] The fascinating and unpredictable world of 'alien' creepy crawlies as you've never seen them before, unveiled by Sir David Attenborough

[0x3] I've cracked it! Designer creates fool-proof egg separator that sucks the yolk from the white without any mess

[0x4] American cave and rock art that lay hidden for SIX THOUSAND YEARS offers unique and remarkable insight into how Native American societies lived their lives

[0x5] Is this the end of sticky labels on fruit? New laser 'tattoos' that mark the skin are approved by the EU

[0x6] It's the end of the world, as we view it: The furthest extremes of the Earth visible on Google Maps

[0x7] The most dangerous places to live in America: Spectacular maps show the devastating effects of mother nature

[0x8] The idiot-proof wrapping paper for men that doesn't need scissors or Sellotape

[0x9] Lost medieval city found in Cambodia using revolutionary scanning technology and Indiana Jones-style expedition

[0xA] World's first flying car sparks £600,000 bidding war among flying enthusiasts

CSOONLINE.com - Network Security

[0x1] Apple end-to-end encryption far from bulletproof

[0x2] Wall Street sets example for testing security defenses

[0x3] Why we can't stop malicious insiders

[0x4] Rising SSL traffic to degrade firewall performance

[0x5] 7 essentials for defending against DDoS attacks

[0x6] Federal regulators address rising security risk to medical devices

[0x7] Microsoft criticized for botnet takedown tactics

[0x8] MIT researchers advance cloud security with end-to-end encyrption

[0x9] NSA snooping bolsters opponents of U.S. Internet control

[0xA] Bitcoin payments could be a landmine for companies

SecuraBit

A show for security professionals.

[0x1] SecuraBit Episode 113: Medical Madness

[0x2] SecuraBit Episode 112: Protect All the Secrets!

[0x3] Securabit Episode 111: Glitching with Derp

[0x4] SecuraBit Episode 110: We can do Science!

[0x5] SecuraBit Episode 109: Hercules had a Z800!

[0x6] SecuraBit Episode 108: 50% Survived DEFCON Edition

[0x7] SecuraBit Episode 107: Summer Con Preview

[0x8] SecuraBit Episode 106: Unlock your Door!

[0x9] SecuraBit Episode 105: Flaming Bluetooth Penetration!

[0xA] SecuraBit Episode 104: Cackalacky Goodness!

Full Disclosure

A lightly moderated high-traffic forum for disclosure of security information. Fresh vulnerabilities sometimes hit this list many hours before they pass through the Bugtraq moderation queue. The relaxed atmosphere of this quirky list provides some comic relief and certain industry gossip. Unfortunately, most of the posts are worthless drivel, so finding the gems takes patience.

[0x1] [SECURITY] [DSA 2698-1] tiff security update

[0x2] DDoS attacks via other sites execution tool

[0x3] [SECURITY] [DSA 2628-2] nss-pam-ldapd update

[0x4] Joomla crypto vulnerability (all versions)

[0x5] [SECURITY] [DSA 2710-1] xml-security-c security update

[0x6] Re: Full-Disclosure Digest, Vol 100, Issue 21

[0x7] Inkasso Trojaner Analysis - Part 1

[0x8] Canon Wireless Printer Disclosure & DoS

[0x9] Re: Microsoft Outlook Vulnerability: S/MIME Loss of Integrity

[0xA] Re: Microsoft Outlook Vulnerability: S/MIME Loss of Integrity

Jeremy's Brain Dump

Some worthless information from my brain.

[0x1] Mountain Lake

[0x2] FISMA

[0x3] Access Controls Article

[0x4] PMP Equations

[0x5] Math

[0x6] What is security

[0x7] New Hosting

[0x8] WordPress 2.3 and Feedburn Widget

[0x9] So, what is a CISSP anyways?

[0xA] Upgrading the OS on my MythBox

Free Information Technology Magazines and Downloads from bestsecuritytips.tradepub.com

Free publications about information technology and digital communication.

[0x1] Five Steps to a Private Cloud

[0x2] The Cloud - Inevitable, But Not Ubiquitous

[0x3] Cloud: It's all about the Service

[0x4] Five Myths of Cloud Computing

[0x5] IT Operations Managers Must Rethink Their Approach to Private Cloud

[0x6] Build a Cloud within a Day

[0x7] Five Important Keys To Choosing Your Business VoIP Vendor

[0x8] Forrester Research Report: The Future of Mobile Application Development

[0x9] The Essentials of Agile

[0xA] Keys to a Fast, Clean Close

Insanely Low-Level

An Arkon Blog

[0x1] Armstorm – ARM Disassembler

[0x2] diStorm-ARM

[0x3] Appfront

[0x4] Kernel Exploits

[0x5] IsDebuggerPresent – When To Attach a Debugger

[0x6] isX64 Gem

[0x7] Finding Kernel32 Base Address Shellcode

[0x8] Private Symbols Look Up by Binary Signatures

[0x9] diStorm Goes on Diet

[0xA] Binary Hooking Problems

Free IT - Data Management Magazines and Downloads from bestsecuritytips.tradepub.com

Free publications and offers about databases and data management.

[0x1] Lost Data Can Cost You Money - Remote Online Backup Can Save It

[0x2] Advanced Analytics for Big Data with SAP Sybase IQ

[0x3] Design a Strategy for the Real-Time Data Platform

[0x4] Re-envisioning the Data Management Landscape: Road Map to the Real-Time Business

[0x5] Unlocking Business Value with Data Governance, Data Architecture and Metadata Management: Enabling Data Reuse Across the Enterprise

[0x6] Solving the Big Data Challenge of Sensor Data

[0x7] WordPress Security Checklist

[0x8] Top 7 Trends Transforming the High Tech Industry

[0x9] Get Data Backup That Delivers Real ROI

[0xA] Secure Copy Trial Download

Network World on Spam

The latest spam and anti-spam news and analysis from NetworkWorld.com

[0x1] Feds draw a bead on Russian behind Mega-D botnet

[0x2] Ransomware Attack Resurfaces to Hold Files Hostage

[0x3] Adobe Reader X Makes PDF Files Safer

[0x4] McAfee Reports Malware at All-Time High

[0x5] PayPal Users Beware of Holiday Phishing Scam

[0x6] Phishing Attack Targets Merchant Accounts

[0x7] Secure a PC, Website From Firesheep Session Hijacking

[0x8] Is Microsoft Crossing the Line With Security Essentials

[0x9] In-Depth Look at Boonana Malware

[0xA] Phishing Scam Targets United States Military Members

CSOONLINE.com - Security Awareness

[0x1] Source code for Carberp financial malware is for sale at a very low price, researchers say

[0x2] Businesses slow-walk classified data-sharing efforts with feds

[0x3] 5 ways to create a collaborative risk management program

[0x4] Do your employees choose data protection or productivity?

[0x5] The 7 elements of a successful security awareness program

[0x6] Social engineering in penetration tests: 6 tips for ethical (and legal) use

[0x7] Why security is in denial about awareness

[0x8] U.S. Army, Target, others advertising on pirate sites

[0x9] Book excerpt: 'C(I)SO: And Now What?'

[0xA] Azure outage births free cert monitoring software

Hacked Gadgets - DIY Tech Blog

Many articles about hacking gadgets. Examples of extreme technology. DIY projects describing how to build electronic projects. Fun top 5 and top 10 lists.

[0x1] Energy Harvesting Roads and Sidewalks

[0x2] Autonomous Car Build

[0x3] Skot 9000 DigitGrid

[0x4] DIY Vacuum Fluorescent Display Driver using a 555 Timer

[0x5] Arduino based Indoor Environmental Quality Station

[0x6] Arduino LCD Oscilloscope

[0x7] Manual 7 Segment Display

[0x8] Read Analog Voltages with an Arduino and display them on an LCD

[0x9] Name the Thing Contest – 231

[0xA] Clean a Dirty Record using Wood Glue

Free Network / Communications Magazines and Downloads from bestsecuritytips.tradepub.com

Free publications about networking and communication technologies and management.

[0x1] Comparison of Cisco and ShoreTel Unified Communication Solutions

[0x2] Comparison of Avaya and ShoreTel Unified Communication Solutions

[0x3] Demystifying Unified Communications

[0x4] Unified Communications Guide: The Business Case for Unified Communications in the Contact Center

[0x5] 4 Simple Steps to VoIP Vendor Selection

[0x6] Unified Communications Guide: Staying On-Premise or Going to the Cloud

[0x7] Video Collaboration in Education: Building a Foundation for the Digital Age

[0x8] Top 3 Network Security Threats That You Don't Know About

[0x9] Top Five Ways to Prevent Unnecessary Re-Hospitalizations

[0xA] Video Beyond the Conference Room

F-Secure Antivirus Research Weblog

Weblog of F-Secure Antivirus Research Team

[0x1] Post-PC Attack Site: Only Interested in Smartphones/Tablets

[0x2] Rogue Headlines in Google News

[0x3] Fake Antivirus Scan Scam Via Google Play App Ads

[0x4] Bad Bad Piggies On Google Play

[0x5] Not the Mobile Antivirus You Were Looking For

[0x6] Our Mac Team Wants Beta Users

[0x7] Coursera Offers Malware MOOC

[0x8] F-Secure Globe

[0x9] The Future: No Hiding Place

[0xA] Twitter's 2FA: SMS Double-Duty

F5 White Papers

F5 white papers provide information on critical technology areas and how F5 products help you improve upon or prepare for their deployment.

[0x1] Enabling Policy in the New Mobile Architecture

[0x2] Symmetric Optimization in the Cloud with BIG-IP AAM VE

[0x3] Building a CDN with F5

[0x4] Automating F5 Application Services for VMware with F5 BIG-IQ Cloud

[0x5] The Dynamic DNS Infrastructure

[0x6] Replacing Abstract Zones with Real Application Security Policy

[0x7] Post-TMG: Securely Delivering Microsoft Applications

[0x8] Building an Enterprise Cloud with F5 and IBM

[0x9] BYOD 2.0: Moving Beyond MDM

[0xA] Mitigating DDoS Attacks with F5 Technology

Corelan Team

:: Knowledge is not an object, it's a flow ::

[0x1] BlackHatEU2013 – Day2 – DropSmack: How cloud synchronization services render your corporate firewall worthless

[0x2] BlackHatEU2013 – Day2 – Advanced Heap Manipulation in Windows 8

[0x3] BlackHatEU2013 – Day2 – Who’s really attacking your ICS devices ?

[0x4] BlackHatEU2013 – Day2 – The Sandbox Roulette: Are you ready to ramble

[0x5] BlackHatEU2013 – Day 1 – To dock or not to dock

[0x6] BlackHatEU2013 – Day1 – Hardening Windows 8 Apps for the Windows Store

[0x7] BlackHatEU2013 – Day1 – Hacking Appliances

[0x8] BlackHatEU2013 – Day1 – Practical Attacks against MDM solutions

[0x9] Black Hat Europe 2013 – Preview

[0xA] Root Cause Analysis – Memory Corruption Vulnerabilities

Adventures in Security

Commentary, reviews, and tips relevant to anyone responsible for information security. Including how to build and manage a security program, editorials about the state of information security, and do's and don't's based on my 26 years of IT experience.

[0x1] Firefox Sync: Think Twice before Use

[0x2] Looks aren't everything...

[0x3] Google, wireless networks, and ethics...

[0x4] Twitter down... Why should you care?

[0x5] Give Facebook a break...

[0x6] Integrated Malware

[0x7] Patch, patch, patch... and then patch

[0x8] Media management must include printers

[0x9] So, who is liable for negligence?

[0xA] Security double-standards are still a bad idea

CSOONLINE.com - Physical Security

[0x1] Wake up! Boston bombings a call for renewed citizen vigilance

[0x2] Assange to Google's Schmidt: Don't use email

[0x3] Security and vulnerability assessment: 4 common mistakes

[0x4] The SCADA Security Survival Guide

[0x5] Executive protection: 4 essentials for secure travel

[0x6] ERM: The basics

[0x7] Australian-developed vehicle accident prevention technology to hit world stage

[0x8] A primer for school security

[0x9] 77 MORE great ideas for running a security program

[0xA] The security laws, regulations and guidelines directory

Zscaler Research

The Zscaler Research Team is focused on bleeding edge web security research in the cloud computing era. This blog provides an opportunity for us to share our thoughts and ideas and interact with the community at-large. We welcome your feedback and encourage you to join the dialogue.

[0x1] openxadvertising.com Mass Malvertising Campaign

[0x2] Phishers target Yahoo users

[0x3] Rise in Red Kit Exploit Kit Activity

[0x4] Darkleech attack continues to grow

[0x5] Fake YouTube page targets Chrome users

[0x6] Facebook Scam for Stalkers

[0x7] Popular Media Sites Involved in Mass Compromise

[0x8] Fake Flash player on DropBox

[0x9] More Fake SourceForge Websites Show Up

[0xA] scanning binaries for PE format anomalies

shell-fu

[0x1] Tip #894: Watch for Ubuntu 9.10 Launch

[0x2] Tip #892: Check memory and swap from command line

[0x3] Tip #889: Convert virtually any video into a DVD-valid MPEG2 stream

[0x4] Tip #885: Random password generator.

[0x5] Tip #882: Find last modified files on a filesystem

[0x6] Tip #879: Learn not to mistype ls

[0x7] Tip #878: Random xkcd comic

[0x8] Tip #874: Count how many packages have been installed by pacman

[0x9] Tip #873: Import ssh host keys without verification

[0xA] Tip #872: Reverse geocode with bash

Google Online Security Blog

The latest news and insights from Google on security and safety on the Internet.

[0x1] Iranian phishing on the rise as elections approach

[0x2] Increased rewards for Google’s Web Vulnerability Reward Program

[0x3] Disclosure timeline for vulnerabilities under active attack

[0x4] Changes to our SSL Certificates

[0x5] The results are in: Hardcode, the secure coding contest for App Engine

[0x6] New warnings about potentially malicious binaries

[0x7] Google Public DNS Now Supports DNSSEC Validation

[0x8] Videos and articles for hacked site recovery

[0x9] An update on our war against account hijackers

[0xA] Calling student coders: Hardcode, the secure coding contest for App Engine

CSOONLINE.com - Emergency Preparedness

[0x1] Lessons from Sandy: Clarity in the eye of a cyberstorm

[0x2] Business Continuity and Disaster Recovery Planning: The Basics

[0x3] 3 MORE tabletop exercises for business continuity

[0x4] Drilling for disaster at LAX

[0x5] Senator takes cybersecurity law fight to CEOs

[0x6] 4 critical trends in IT business continuity

[0x7] Operation Global Blackout: Real danger or irrelevant?

[0x8] Severe space weather: How big a threat?

[0x9] Does my company need business continuity software?

[0xA] Lieberman: Cybersecurity Act of 2012 will help us protect critical infrastructure

Search Engine Watch

Keep updated with major stories about search engine marketing and search engines as published by Search Engine Watch.

[0x1] Structured Data: Content, Rich Snippets & Authorship vs. Author Rank

[0x2] 7 Great Sites To Learn Online Video Skills

[0x3] DuckDuckGo Sees Record Traffic After NSA PRISM Scandal

[0x4] Facebook Kills Sponsored Search Results

[0x5] Google, Bing Both Win More Search Market Share

[0x6] Do Stock Photos Affect Google Search Rankings? Matt Cutts Says No

[0x7] Google AdWords Enhanced Campaign CPCs Grow 6% [Report]

[0x8] Google Makes Non-Desktop SEO an Absolute Necessity

[0x9] How to Create Great Content: Start by Creating Content for Yourself

[0xA] PPC and SEO: Higher Conversion Rates Fuel the Need for Better Integration

CSOONLINE.com - Executive Communication

[0x1] 5 ways to create a collaborative risk management program

[0x2] Why you need a security buddy (and how to find one)

[0x3] 10 tips to secure funding for a security program

[0x4] Hot security skills of 2013

[0x5] How to determine your company's real risk appetite

[0x6] 15 tips for landing - and acing - a job interview

[0x7] 5 more tough security questions (and tips on answering them)

[0x8] Taking a risk on risk management

[0x9] Making Metrics Matter to the C-Suite

[0xA] To Work Better, You Need a Change of Perspective

CSOONLINE.com - Fraud Prevention

[0x1] Researchers warn of increased Zeus malware activity this year

[0x2] New Citadel malware variant targets Payza online payment platform

[0x3] Study: HK has less malware infections but more phishing sites than global average

[0x4] Hackers increasingly target shared Web hosting servers for use in mass phishing attacks

[0x5] Recently patched Java flaw already targeted in mass attacks, researchers say

[0x6] Southern Africa experiencing increased mobile, Internet banking fraud

[0x7] Researchers find malware targeting online stock trading software

[0x8] Symantec report finds small businesses battered by cybercrime

[0x9] Bitcoin volatility caused by surge in demand, slow software

[0xA] Ubisoft takes download service offline after breach

DEF CON 18 [Audio] Speeches from the Hacker Convention.

DEF CON 18 [Audio] Speeches from the Hacker Convention.

[0x1] A.P. Delchi - Physical Security : You're Doing It Wrong!

[0x2] Adam Pridgen & Matt Wollenweber - Toolsmithing an IDA Bridge, Case Study for Building a Reverse Engineering Tool

[0x3] Adrian Crenshaw - Programmable HID USB Keystroke Dongle: Using the Teensy as a Pen Testing Device

[0x4] Ki-Chan Ahn & Dong-Joo Ha - Malware Migrating to Gaming Consoles: Embedded Devices, an Antivirus-Free Safe Hideout For Malware

[0x5] Andrew Kongs & Dr. Gerald Kane - Training the Next Generation of Hardware Hackers -- Teaching Computer Organization and Assembly Language Hands-On with Embedded Systems

[0x6] Anthony Lai, Jake Appelbaum & Jon Oberheide - The Power of Chinese Security

[0x7] Anthony Lineberry, David Luke Richardson & Tim Wyatt - These Aren't the Permissions You're Looking For

[0x8] Barrett Weisshaar & Garret Picchioni - The Night The Lights Went Out In Vegas: Demystifying Smartmeter Networks

[0x9] Barnaby Jack - Jackpotting Automated Teller Machines Redux

[0xA] Blake Self & bitemytaco - Hacking DOCSIS For Fun and Profit

The MITRE Digest

The MITRE Digest is an online magazine that showcases our latest work in aviation systems, defense and intelligence, federal sector modernization, homeland security, and cutting–edge research. We cover timely topics that affect our sponsors and the national interest.

[0x1] Reaching New Heights: MITRE Helps Modernize, Elevate Afghanistan's Air Traffic

[0x2] Engineering an Advanced Missile Defense Shield for Europe

[0x3] PRISM: Transforming the Science of Remote Sensing

[0x4] Arming Doctors and Pharmacists with Data, the US T